_  Who  Wants  to  be  an 

Entrepreneur! 


Have  an  idea  for  a  new  product  service  or  company?  Enter  our  “Who  Wants  to  be  an 
Entrepreneur?"  contest  and  earn  a  shot  at  $30,000  in  cash  and  services.  PAGE  6. 
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Digital  cinemas  open 
new  career  path;  still 
learning  about  the 
popcorn. 


■  BY  DENISE 
AND  JENNIFER  MEARS 


Move  over  Halle  Berry.  Step  aside  Tom  Cruise.  The  movie 
industry’s  next  casting  call  is  for  network  and  IT  pros. 
That’s  because  the  film  business  is  on  the  verge  of  a 
revolution  that  centers  around  digital  cinema  technology 
which  will  entail  zipping  movie  files  over  satellite  and  land¬ 
line  networks  onto  new  high-speed  networks  at  cinemas. The 
new  system,  which  has  been  in  the  works  for  about  five  years, 
will  replace  largely  manual  distribution  methods  that  haven’t 
changed  much  since  the  release  of  “The  Great  Train  Robbery” 
in  1904. 

Digital  cinema  holds  the  promise  of  slashing  distribution 

See  Cinemas,  page  14 


DAN  VASCONCELLOS 


Cisco  to  revamp 
I0S  software 


■  BY  PHIL  HOCHMUTH  AND 
JIM  DUFFY 

NEW  YORK—  Cisco  will  re¬ 
lease  a  new  version  of  its  core 
IOS  operating  system  in  the  com¬ 
ing  months  that  is  more  modular, 
flexible  and  secure,  company 
executives  said  last  week. 

The  advance  will  let  users  add 
features  to  routers  and  switches 
without  taking  them  offline,  and 
help  companies  speed  the  de¬ 
ployment  of  services  such  as 
VoIRquality  of  service  and  secu¬ 
rity  while  minimizing  the  risk  of 
glitches. 

Some  users  and  analysts  say 

See  Cisco,  page  12 


I  (Modularity  means 
you  have  the  ability  to 
partition.  So  you  have 
a  real-time  kernel, 
rather  than  the  classic 
embedded  kernel.  9  V 

Mike  Volpi,  Senior  vice  president, 
Cisco  Routing  Technology  Group 


High-end 
router  on  tap 

■  BY  JIM  DUFFY 

NEW  YORK  —  Cisco  plans  to 
unveil  by  June  its  next-genera¬ 
tion  Internet  core  router,  a  key 
part  of  the  company’s  bid  to  re¬ 
tain  its  sizable  market  lead  in  the 
face  of  growing  competition 
from  Juniper  and  others. 

Cisco  Senior  Vice  President 
Mike  Volpi  last  week  confirmed 
that  a  new  platform  running  40G 
bit/sec  OC-768c  interfaces  and 
See  Router,  page  12 


Users  turn  to  virtual  data  marts 


Security  holes  force  firms 
to  rethink  coding  processes 


■  BY  ANN  BEDNARZ 

As  companies  work  to  integrate 
new  and  legacy  application  sys¬ 
tems,  the  cost  of  that  effort  contin¬ 
ues  to  climb  —  already  it  con¬ 
sumes  about  35%  of  the  total  cost 
of  installing,  writing  or  modifying 
an  application,  according  to 
Gartner. 


IT  departments  are  under  pres¬ 
sure  to  make  operational  data 
trapped  in  transactional  systems 
available  faster  and  to  a  broader 
audience  of  users.The  problem  is 
spawning  new  products  from 
IBM,  Oracle  and  BEA  Systems  — 
and  a  crop  of  start-ups  including 
Avaki,  CenterBoard  and  Com¬ 
posite  Software  —  that  help  com¬ 


panies  glean  business  informa¬ 
tion  on  the  fly 

So-called  data  integration  tools 
let  users  run  analytic  queries 
against  distributed  data  sources 
without  having  to  replicate  the 
data  or  alter  existing  application 
sources.  Queries  run  over  corpo¬ 
rate  networks,  polling  internal  and 
See  Integration,  page  56 


■  BY  ELLEN  MESSMER 

Microsoft’s  issuance  last  week 
of  14  security  patches  raised  fears 
that  worm-based  attacks  would 
follow  and  sparked  discussion  on 
how  to  better  build  code. 

Of  the  holes  identified  in  Win¬ 


dows  XR  Windows  Server  2003 
and  older  versions,  some  are  so 
critical  that  exploiting  them 
could  lead  to  total  compromise 
of  machines  and  files,  security  ex¬ 
perts  say  But  the  way  to  eliminate 
such  vulnerabilities  isn’t  via 
See  Holes,  page  8 
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CLEAR  CHOICE 
TESTS 


Network  configuration  management 


TrueControl  from  Rendition  Networks  wins  our  test  of  five 
network  configuration  management  tools.  DeviceAuthority 
Suite  from  AlterPoint  gets  high  marks  for  its  user  interface. 
Page  37. 


Cut  router 
costs  in  half 
(without 
compromising 
performance). 


The  NetVanta"  3000  Series  from  ADTRAN 


Dare  to  Compare! 

NetVanta 

3305 

Industry -Leading 
Brand 

Dual  Network  Interfaces 

✓ 

s$s 

Dual  Ethernet  Interfaces 

✓ 

$$$ 

Stateful  Inspection  Firewall 

✓ 

$$$ 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Quality  of  Service  (QoS) 

✓ 

✓ 

VLAN  Trunking 

✓ 

✓ 

Virtual  Private  Networking  (VPN) 

s 

$$$ 

Dial  Backup 

s 

$$$ 

PBX  Connectivity 

$ 

sssss 

Unlimited  Telephone  Support 

Free 

sss 

Operating  System  Updates 

Free 

$$$$ 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


Using  a  NetVanta  3000  router,  you  can  outfit  a  remote 
location  with  complete  77  voice  and  data  communications 
for  50%  less  than  you’re  accustomed  to  paying.  Loaded 
with  standard  features,  and  available  with  very  reasonably 
priced  options,  the  NetVanta  3000  Series  is  everything  you 
need  in  a  router  and  more.  Lower  price  isn’t  the  result  of 
cutting  corners — it’s  the  result  of  smart  engineering. 
Engineering  that’s  backed  by  a  100%  satisfaction  guarantee 
from  ADTRAN,  including  unlimited  telephone  technical 
support  (before  and  after  the  sale),  free  ADTRAN  OS  updates, 
and  a  full  five-year  warranty.  Try  a  NetVanta  3000  router  today. 
And  start  getting  more  out  of  your  router  dollar. 

«* 

Why  pay  more? 


Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 

www.adtran.com/info/wh  ypa  ymore 

877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 
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“Communications 

SOLUTIONS 
Product  If  lie  Year 


Experts  choose  ADTRANI" 


AdIraH 


Copyright© 2004  ADTRAN  Inc.  All  rights  reserved  ADTRAN  is  a  registered  trademark  of  ADTRAN.  Inc. 

NetVanta  is  a  trademark  of  ADTRAN,  Inc.  Five-year  warranty  applies  only  in  North  America.  EN65B022304NWW 
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I  CLEAR  CHOICE  ipi 


TrueControl  from  Rendition  Networks 

TrueControl  from  Rendition  Networks  wins  our  Clear  Choice  Award  in  the 
network  configuration  management  category  for  its  excellent  search, 
audit  and  reporting  capabilities.  Page  37. 


Packaged  consumer  goods  manufacturers 
are  turning  to  RFID  tags  to  n*AP  A 
streamline  their  supply  chains.  rAut  M 
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| . Exclusive 

Windows  Media  on  Linux  and  Unix? 

Multimedia  Editor  Jason  Meserve  says  we  could  be  looking  at  a  hell- 
freezes-over  scenario  as  Starbak  says  it  will  demo  a  new  media  player 
client  that  will  let  Linux  and  Solaris  users  watch  Windows  Media-encoded 
video  on  their  desktops.  DocFinder  1638 

Confessions  of  a  cryptovirus  fiend 

Senior  Editor  Ellen  Messmer  looks  at  the  new  book  Malicious 
Cryptography:  Exposing  Cryptovirology,  which  she  says  is  a  jolting 
reminder  that  a  lot  of  damage  is  going  to  occur  if  computer  virus  writ¬ 
ers  and  hackers  ever  start  using  encryption  in  a  widespread  way. 

DocFinder  1639 

WLAN  Showdown 

If  you  missed  our  weeklong  event,  it's  all  archived  online,  See  WLAN  switch 
vendors  Airespace,  Aruba,  Chantry,  Extreme,  Symbol  and  Lrapeze  take  on 
each  other  and  answer  questions  from  experts  and  readers. 

DocFinder:  1640 

Seminars  and  events 


Secrets  of  effective  enterprise  WANs  revealed 

How  should  your  network  support  on-demand,  automatic  or  grid  comput¬ 
ing?  What's  the  best  way  to  adopt  Web-enabled  and  service-oriented 
applications?  When  should  you  separate  and  blend  wireless  and  wireline? 
Attend  "WANs:  Survival  of  the  Fittest . . .  Fastest . . .  Smartest,"  the  new 
Network  World  Technology  Tour  event,  and  find  out. 

DocFinder  1459 
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Columnists 

Wireless  Wizards 

Can  we  improve  client  wireless  transmissions? 

A  wireless  ISP  asks  the  Wireless  Wizards  how  they  can  solve  its 
e-mail  issues. 

DocFinder:  1642 

Telework  Beat 

Utah  program  creates  hundreds  of  rural  IT  jobs 
Net.Worker  Managing  Editor  Toni  Kistner  looks  at  Smart  Site, 
which  helps  small  firms  expand  by  providing  equipment,  training. 

DocFinder:  1643 

Small  Business  Tech 

Testing  fast  wireless  routers 

Columnist  James  Gaskin  says  if  you’re  still  running  an  802.11b 
network,  now's  a  good  time  to  upgrade. 

DocFinder:  1644 

Home  Base 

Up  and  running 

Columnist  Steve  Ulfelder  on  why  business  continuity  is  more 
important  to  you  than  it  is  to  General  Motors. 

DocFinder  1645 


Breaking  News 

Go  online  for  breaking  news  every  day.  DocFinder  6342 

Free  e-mail  newsletters 

Sign  up  for  any  of  more  than  40  newsletters  on  key  network  topics. 

DocFinder:  6343 


What  is  DocFinder? 

We’ve  made  it  easy  to  access  articles  and 
resources  online.  Simply  enter  the  four-digit 
DocFinder  number  in  the  search  box  on  the 
home  page,  and  you’ll  jump  directly  to  the 
requested  information. 
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FCG  heats  up  rural  wireless  access 

El  The  FCC  last  week  kicked  off  a  process  that  might  open  more 
radio  frequency  spectrum  for  high-speed  wireless  services  in 
rural  parts  of  the  country  The  FCC  proposed  allowing  unli¬ 
censed  devices  to  operate  in  some  or  all  of  a  frequency  band 
between  3650  MHz  and  3700  MHz,  while  also  seeking  comment; 
on  licensed  use  of  the  band  or  segmentation  of  the  band  for 
both  types  of  use.  Wireless  ISPs  want  to  use  the  spectrum  to 
deliver  broadband  to  individual  customers  and  Internet  gate¬ 
ways  in  sparsely  populated  areas,  the  FCC  said.  Either  licensed 
or  unlicensed  users  would  have  to  avoid  interference  with  fixed 
satellite  service  earth  stations  that  use  spectrum  in  that  range, 
the  FCC  said,  noting  that  those  earth  stations  are  primarily  on 
the  East  and  West  coasts. 

Offshoring  twists  and  turns 

■  Dell  this  week  fanned  the  flames  of  the  anti-offshoring  movement,  saying  it  now 
employs  more  workers  overseas, 24,000, than  it  does  in  the  U.S.,22,000.The  country’s  No. 

1  PC  maker  said  it  derived  about  36%  of  its  fiscal  2004  net  revenue  from  international 
sales  and  that  it  recently  set  up  technical  and  customer  support  operations  in  India, 
Panama,  Slovakia,  Morocco  and  China.  Although  Dell  has  come  under  fire  along  with 
other  companies  by  critics  who  say  that  so-called  offshoring  is  robbing  U.S.  citizens  of 
jobs,  the  company’s  newly  anointed  CEO,  Kevin  Rollins,  has  said  Dell  will  continue  the 
practice.  Rollins  the  company’s  current  COO  who  is  due  to  take  the  CEO  position  in 
coming  months,  recently  said  the  issue  of  offshoring  was  “overblown.”  Meanwhile  the 
backlash  against  offshoring  continued  to  grow  last  week  as  Arizona  Gov.  Janet 
Napolitano  banned  the  outsourcing  of  state  jobs.The  governor  is  upset  that  some  19,000 
state  welfare  and  food  stamp  calls  were  routed  to  call  centers  in  India  and  Mexico, 
according  to  a  United  Press  International  report.  Other  states  have  similar  provisions  in 
the  works. 

Have  money,  will  settle 

■  Less  than  two  weeks  after  settling  its  disputes  with  Sun,  Microsoft  last  week 
reached  an  agreement  with  InterTrust  Technologies  to  settle  a  case  over  InterTrust’s 


. .  and  then  we  stick  it  in  Larry  Ellison’s  mailbox!” 


Thanks  to  the  above  cap¬ 
tion,  Leo  Sopicki  of  Rancho 
Cucamonga,  Calif.,  was  the 
winner  of  our  latest 
Caption  Contest.  Next 
week,  it  could  be  you. 

Write  something  funny,  win  something  cool. 
http://napps.nwfusion.com/weblogs/layer8/index.html 


Layer 


www.nwfusion.com 


TheGoodlheBadTheUgiy 

<=,  % 

<§>  Smut  alert  The  Federal  Trade  Commission  last  week  said  pornographic 
spam  messages  will  have  to  include  in  their  subject  line  a  label  reading  "SEXUALLY- 
EXPLICIT:"  Only  time  will  tell  whether  this  rule,  in  effect  as  of  May  19,  will  cut  down 
on  the  number  of  these  messages  that  are  read  or  boost  readership. 
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'Q/  Schools  under  attack.  The  National  Science  Foundation  says  ' 


malicious  hackers  in  recent  weeks  have  infiltrated  computer  systems  at  universities 
that  operate  high-performance  computer  centers  in  the  U.S.  and  other  countries, 
leading  to  questions  about  the  security  of  scientific  research  data.  The  identity  of 
the  hackers,  who  hijacked  logons  and  slowed  down  systems  through  use  of  programs 
used  to  disguise  themselves,  has  yet  to  be  determined. 

Spam  bugs  . ■  Hidden  code  in  e-mails  increasingly  is  being  used  to  track 

the  success  of  unsolicited  commercial  e-mail  campaigns,  according  to  anti-spam 
technology  company  MX  Logic.  The  vendor  says  up  to  half  of  all  spam  released  in 
the  last  year  has  been 


bugged  with  "spam 
beacons"  that  send  a 
coded  message  back  to 
the  sender  whenever  a 
spam  message  is 
N  opened.  This  helps 
spammers  refine  their 
distribution  lists.  > 


digital  rights  management  software.  As  part  of  the  deal,  Microsoft  will  pay  $440  mil¬ 
lion  to  InterTrust  to  license  the  company’s  patent  portfolio.  InterTrust  will  be  given 
the  right,  under  Microsoft-owned  patents,  to  design  and  publish  DRM  and  security 
technical  specifications,  Microsoft  said.  Microsoft  received  rights  to  use  InterTrust’s 
technology  for  the  life  of  its  patents,  around  20  years,  Microsoft  said.  Customers  are 
covered,  as  are  content  providers  that  use  Microsoft  technology  to  protect  content, 
the  company  said. 

You  say  Windows,  I  say  Linspire 

■  Embattled  Linux-based  software  vendor  Lindows.com  formally  changed  the  name  of 
its  desktop  operating  system  from  LindowsOS  to  Linspire  last  week  after  a  two-year 
trademark  dispute  with  Microsoft.  The  company  said  it  renamed  its  product  to  end 
Microsoft’s  international  legal  attacks.  Microsoft  has  sued  Lindows.com  for  trademark 
infringement  in  several  countries  over  the  similarity  between  the  Windows  and  Lindows 
names. 

That's  a  lot  of  Trojans 

■  In  a  disconcerting  note,  ISP  EarthLink  and  privacy  software  vendor  Webroot 
Software  released  a  report  last  week  that  said  Trojan  horse  or  system-monitoring 
programs  were  found  on  more  than  30%  of  all  Internet-connected  systems  scanned, 
raising  fears  of  identity  theft. The  study  also  found  an  average  of  almost  28  spyware 
programs  are  running  on  Internet-connected  PCs.The  report  presents  the  results  of 
scans  of  more  than  1  million  Internet-connected  computers.  In  particular,  the  detec¬ 
tion  of  more  than  184,000  Trojan  horse  programs  on  the  systems  scanned  and  a  sim¬ 
ilar  number  of  system-monitoring  programs,  such  as  key-logging  software,  under¬ 
score  the  potential  for  identity  theft  and  system  compromise  for  Internet  users. 
Many  of  the  29  million  spyware  programs  found  were  harmless  “adware”  programs 
that  display  advertising  banners  or  track  Web  surfing  behaviors.  However,  the  com¬ 
panies  also  found  more  than  300,000  instances  of  programs  that  can  steal  personal 
information  or  provide  unauthorized  access  to  computers  (for  more  on  malware 
see  Mark  Gibbs’  column,  page  58). 
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enterasys" 

Networks  that  Know 


These  days,  no  network  is  free  of  threats.  That’s  why  you  have  to  assign  network  security  privileges  to  everyone.  Employees,  customers, 
and  partners.  You  need  to  set  an  acceptable  use  policy  that  dictates  what  each  of  them  can  and  can’t  access.  Until  now,  you  hatl  to  do 

this  manually. 


Not  anymore.  Now  you  can  do  what  Baylor  University  did.  Implement  an  Enterasys  Secure  Networks™  solution  with  a  unique,  policy- 
based  system  that  empowers  the  network  to  allocate  resources  based  on  specific  users  and  their  roles.  The  network  “set's’’  who  the  user 
is  and  assigns  privileges  accordingly.  This  improved  control  also  gives  you  more  security. 


It’s  all  about  giving  you  a  smarter  way  to  network  with  central,  intuitive  management.  Find  out  more  at  networksthatknow.com/BavIor. 
Or  ask  any  one  of  the  many  enterprise  customers  we’ve  worked  with  for  years. 
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Qpteron  gains  respect,  challenges  remain 


■  BY  JENNIFER  MEARS 

Advanced  Micro  Devices  has 
shaken  up  the  server  industry  in 
the  year  since  it  introduced  its 
32-/64-bit  Opteron  chip,  opening 
the  world  of  64-bit  computing  to 
business  users  looking  for 
expanded  performance,  but  with 
industry-standard  pricing. 


On  Thursday,  AMD  will  play  host 
at  an  event  in  New  York  celebrat¬ 
ing  the  oneyear  anniversary  of 
Opteron,  which  lets  users  run  32- 
and  64-bit  applications  on  the 
same  platform. 

The  chip  has  been  widely 
embraced,  and  all  major  systems 
vendors  —  except  Dell  —  have 
shipped  products  based  on  the 


NetworkWorld's 

_  Who  Wants  to  be  an  . 

Entrepreneur: 

Get  in  the  running  with  Network  World’s  contest  for  IT  professionals. 


P 


When  you  see  those  announcements  about  millions  of  dol¬ 
lars  in  venture  capital  being  awarded  to  one  start-up  or 
another,  have  you  ever  thought  to  yourself,  "Hey,  what 
about  me?  What  about  my  idea?"  After  all,  professionals 
like  you  are  the  ones  who  know  what  products  and  services  are 
needed  to  solve  real  world  problems. 

Well,  now  is  your  chance.  Introducing  Network  World's  "Who 
Wants  to  be  an  Entrepreneur?”  contest,  which  will  recognize  the 
best  idea  for  a  new  product,  service  or  company.  The  contest, 
developed  by  Network  World  in  conjunction  with  Commonwealth 
Capital,  a  venture  capital  firm  in  Wellesley,  Mass.,  is  sponsored  by 
public  relations  firm  fama  PR  of  Cambridge,  Mass.,  service 
provider  Qwest  Communications  of  Denver  and  the  law  firm  of 
Testa,  Hurwitz  &Thibeault  LLP  of  Boston. 

Well  give  the  winner  a  jump-start  with  venture  capital  expo¬ 
sure,  $30,000  in  cash  and  paid  in-kind  professional  services,  cov¬ 
erage  in  Network  World,  and  a  chance  to  rub  elbows  with  other 
entrepreneurs  at  Network  World's  annual  Demo  conference  and 
exhibition  in  Scottsdale,  Ariz. 


Here's  how  it  will  work: 

•  Visit  www.nwfusion.com  (DocFinder:  1631)  to  access  the 
entry  form,  which  must  be  filled  out  and  returned  by  mid¬ 
night  May  17. 

•  A  panel  of  judges  will  whittle  down  the  entries  to  three  to 
five  finalists,  basing  their  decisions  on  the  submissions'  origi¬ 
nality,  value  and  relevance  to  the  network  industry.  Judges 
include  Network  World  editors  as  well  as  representatives 
from  Commonwealth  Capital,  Gold  Wire  Technology,  North 
Bridge  Venture  Partners,  Sigma  Partners  and  Testa,  Hurwitz 
&Thibeault. 

•  Arrangements  will  be  made  for  finalists  to  make  a  more 
detailed  pitch  to  the  judging  panel. 

•  The  winner  will  be  told  by  June  21  and  announced  in  the  June 
28  issue  of  Network  World. 

So  do  you  want  to  be  an  entrepreneur?  Here's  your  chance  to 
take  a  shot. 
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processor,  helping  AMD’s  finan¬ 
cial  picture.  Last  week,  the  com¬ 
pany  reported  first-quarter  sales 
of  $1.2  billion,  up  73%  compared 
with  the  same  quarter  last  year. 
Net  income  for  the  quarter  was 
$45  million,  compared  with  a  net 
loss  of  $146  million  last  year. 

By  forging  partnerships  with  HP 
IBM  and  Sun,  AMD  has  put  pres¬ 
sure  on  Intel,  which  until  now 
faced  almost  no  competition  in 
the  high-volume,  low-end  of  the 
server  market,  where  it  holds 
about  a  98%  share,  according  to 
1DC.  In  February,  Intel  announced 
that  it,  too,  would  roll  out  64-bit 
extension  technology,  called  Intel 
Extended  Memory  64  Technology 
(EM64T),for  its  x86  processors. 

Intel  says  a  dual-processor 
Xeon  with  EM64T  technology, 
code-named  Nocona,  will  debut 
in  the  next  few  months.  Intel’s  MP 
Xeon  for  multiprocessor  servers 
would  get  the  extension  technol¬ 
ogy  in  2005. 

The  AMD/Intel  competition  “is 
going  to  make  the  technology 
race  a  lot  more  aggressive,  as  well 
as  likely  result  in  more  competi¬ 
tive  pricing  for  customers,”  says 
Jamie  Gruener,  a  senior  analyst 
with  The  Yankee  Group.  “But  cus¬ 
tomers  will  really  have  to  do  their 
homework  to  determine  which 
platform  is  best  for  the  applica¬ 
tion  they’re  trying  to  run." 

For  AMD,  the  biggest  challenge 
will  be  to  continue  enhancing 
Opteron  for  enterprise  use, 
which  means  looking  beyond 
processor  speed  improvements 
to  designing  chipsets  that  pro¬ 
vide  more  reliability  and  man¬ 
agement  capabilities  that  corpo¬ 
rate  users  demand. 

It’s  this  system-focused  perspec¬ 
tive  that  may  give  Intel  the  edge 
once  Nocona-based  systems  start 
rolling  out.  Dell,  HP  and  IBM  have 
said  they  will  use  Nocona. 

“Intel  has  been  focusing  consis¬ 
tently  not  only  on  chip  design, but 
also  focusing  on  elements 
around  the  chip:  the  chipset, 
architecting  the  management 
better,  system  health.  They’ve 
done  a  lot  of  work  to  improve  the 
server  platform  in  the  last  couple 
of  iterations  of  their  chips,” 
Gruener  says.  “While  AMD  has 
done  a  good  job  of  designing  a 
really  [high-performance]  plat¬ 
form,  there  is  a  lot  more  that  has 
to  go  into  it.” 

Still,  the  systems  vendors  contin¬ 
ue  to  roll  out  Opteron-based  prod¬ 
ucts.  This  week  HP  is  expected  to 
announce  shipment  of  the  four¬ 


Road  ahead 

AMD  celebrates  the  first  anniversary  of  its  Opteron 

processor  with  Sun,  HP  and  IBM  all  offering  servers 

based  on  the  32-/64-bit  chip.  Now  Intel  is  about  to  get 

into  the  game. 

Challenges: 

•  Intel  plans  to  roll  out  EM64T,  giving  Xeon  64-bit  capabilities,  in 
the  next  few  months. 

•  AMD  needs  to  look  beyond  processor  speeds  and  work  with 
OEMs  to  improve  management  and  system  health  technology. 

•  AMD  must  be  clear  about  the  differences  between  the  two 
offerings,  or  customers  may  opt  for  Intel  because  it’s  a  name 
they  know  better. 

Strategies: 

•  AMD  is  portraying  the  Intel  threat  as  good  for  the  technology, 
saying  it  further  validates  Opteron. 

•  AMD  says  more  low-power  options,  blade  and  four-way  con¬ 
figurations,  better-performing  processors  and  more  application 
support  are  just  some  of  the  areas  where  it’s  focusing. 

•  Unlike  Intel,  AMD  embeds  its  memory  controller  into  the  chip 
and  also  uses  HyperTransport  technology  to  transfer  I/O 
requests  between  processors. 


way  $8,300,  Opteron-based  DL  585 
it  introduced  in  February  The 
company  is  already  shipping  the 
two-processor  Opteron-based  DL 
145.HP  also  is  expected  this  week 
to  announce  a  new  Linux-based 
cluster  that  uses  DL  145  boxes. 

Meanwhile  Sun  is  expected  to 
announce  a  pre-tested  hard¬ 
ware  and  software  bundle  for 
secure  Web  serving,  which 
includes  its  Opteron-based 
v20z,  Java  Web  Server  and 
Solaris  operating  system. 

Opteron  and  Intel’s  EM64T 
might  end  up  slowing  adoption 
of  Intel’s  64-bit  Itanium,  at  least  on 
the  low  end,  analysts  say  While 
Opteron  and  EM64T  are  not  posi¬ 
tioned  to  compete  against 
Itanium,  which  offers  higher-end 
RISC-like  performance,  most  ana¬ 
lysts  and  industry  observers  agree 
that  the  swell  of  support  around 
Opteron  is  what  forced  Intel  to 
introduce  EM64T. 

“To  a  degree  that  there  wasn’t  a 
real  alternative,  1  believe  Intel 
would  have  just  continued  to 
plug  Itanium  until  Itanium  won 
by  default,”  says  Gordon  Haff,  an 
analyst  at  Illuminata.  “Certainly 
there  would  have  been  other 
potential  dark  horses  like  IBM 
Power.  But  Opteron  lent  a  certain 
urgency  to  Intel  to  counter,  lest 
they  potentially  lose  a  chunk  of 
the  market.” 

The  market  is  clearly  there. 
According  to  IDC,  about  35,000 


Opteron-based  systems  shipped 
in  2003  after  AMD  introduced  the 
chip  on  April  22,  compared  with 
about  19,000  Itanium  systems  for 
Intel  for  all  of  2003. 

“I  don’t  want  to  come  off  saying 
this  is  an  Itanium  killer,  because  I 
don’t  think  it  is,” says  John  Enck,a 
research  vice  president  at 
Gartner.  “But  certainly  it  creates 
barriers  for  Itanium  to  move  into 

this  high-volume  market _  Intel 

wanted  to  speed  up  the  transition 
from  Xeon  to  Itanium.  By  being 
forced  into  expanding  the  Xeon 
technology  that  obviously  has  a 
slowing  effect  on  Itanium  adop¬ 
tion  in  the  high-volume  market.” 

“One  of  the  largest  roadblocks 
for  migrating  to  a  64-bit  architec¬ 
ture  system  is  running  all  the  32- 
bit  applications  that  we  have  a 
considerable  investment  in,"  says 
Wade  Phillips,  technology  and  IS 
manager  at  Shakopee  School 
District  in  Minnesota.  “From  a 
public  education  perspective,  it 
would  be  nearly  impossible  to 
implement  64-bit  computing 
without  stepped  migration 
where  we  can  run  both  types  of 
applications.”  ■ 
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Users  ponder  Microsoft  security  plans 


Security  slate 


Microsoft  this  year  plans  to  introduce  a  number  of  security  upgrades  to  its  software, 
including  enhancements  to  its  desktop  operating  system  and  patch-management  tools. 


Tool 

Release 

Description 

Windows  XP  Service 

Pack  2 

No  laterthan  June  30 

Includes  personal  firewall  and  other  upgrades  that 
lock  down  vulnerable  operating  system  services 
by  default. 

Internet  Security  and 
Acceleration  Firewall  2004 

No  laterthan  June  30 

Firewall  for  perimeter  security  includes  URL  scann¬ 
ing,  new  configuration  and  access  control  tools. 

Windows  Server  2003 
Service  Pack  1 

Second  half  of 
this  year 

Includes  Security  Configuration  Wizard,  roles- 
based  administration  tool  to  configure  server  and 
lock  down  ports  and  services. 

Windows  Update  Services 

Second  half  of 
this  year 

Free  server-based  application  for  downloading 
and  deploying  patches. 

■  BY  JOHN  FONTANA 

DENVER  —  Microsoft  should 
retrofit  older  software  with  new 
security  enhancements  it  plans  to 
release  later  this  year  and  add 
more  support  and  better  report¬ 
ing  features  to  its  forthcoming 
patch-management  tools,  accord¬ 
ing  to  users  attending  at  a  stop  on 
the  company’s  current  20-city 
Security  Summit  road  show. 

End  users  say  older  versions  of 
software  they  run,  especially  Win¬ 
dows  98  and  2000  and  server  soft¬ 
ware  such  as  Exchange  and  SQL 
Server,  would  benefit  from  new 
security  tools  Microsoft  is  devel¬ 
oping.  Those  tools  include  the 
Internet  Connection  Firewall 
(ICF)  on  the  desktop  and  auto¬ 
mated  patch-management  tools 
for  servers  and  desktops,  both  of 
which  are  set  for  delivery  no  later 
than  June  30  when  Microsoft 
ships  Windows  XP  Service  Pack  2 


and  Windows  Update  Services 
(WUS),  respectively  In  addition, 
users  say  WUS,  a  free  server-based 
application  for  downloading  and 
deploying  patches,  also  would 
benefit  from  more  sophisticated 
reporting  tools  that  detail  patch 
installations. 

Users’  have  made  these  sugges¬ 
tions  because  ICF  isn’t  compati¬ 
ble  with  operating  systems  re¬ 
leased  before  XPWUS  initially  will 
only  support  Windows  XP  Pro¬ 
fessional,  Win  2000,  Windows 
Server  2003,  Office  XpOffice  2003, 
SQL  Server  2000,  MSDE  2000,  and 
Exchange  2003.  Microsoft  will 
only  say  other  software  will  be 
added  over  time. 

Some  users  are  caught  in  a 
deployment  conundrum. 

“We  can’t  implement  what  is 
available.  Microsoft  is  addressing 
our  security  needs,  but  we’re  not 
able  to  take  advantage  of  it  right 
now"  said  Jeff  Rachwitz,  network 


engineer  for  Harrison  School 
District  2  in  Colorado  Springs.“We 
can’t  automatically  deploy  patch¬ 
es  to  our  Windows  98  desktops 
with  WUS.” 

That  means  half  of  the  districts 
3,000  desktops,  which  are  spread 


out  over  21  schools,  have  to  be 
patched  individually,  as  new 
patches  are  released.  The  district 
can’t  upgrade  those  desktops 
because  its  educational  applica¬ 
tions  won’t  run  on  XP 
The  district  has  been  able  to 


upgrade  the  other  half  of  its  desk¬ 
tops  to  XP  to  take  advantage  of 
welcomed  security  features, 
including  ICF  and  the  predeces¬ 
sor  to  WUS,  Software  Update 
Services  1.0,  but  now  those 
See  Summit  page  10 


Holes 

continued  from  page  1 

patches,  but  in  creating  tools  and 
processes  for  building  more 
secure  code  and  weeding  out 
problems  in  the  development 
phase. 

It’s  a  problem  that  bedevils  not 
only  Microsoft  but  any  large  com¬ 
pany  that  writes  its  own  applica¬ 
tions  or  source  code.  Many  orga¬ 
nizations  try  to  stomp  bugs  by 
having  the  chief  software  archi¬ 
tect  and  programmers  work  in  a 
formal  process  with  the  security 
manager’s  staff  as  part  of  the 
code-evaluation  process,  says 
Steve  Orrin.CTO  at  Sanctum. 

Gathering  dust 

Although  companies  often 
make  an  effort  to  train  developers 
about  problems  such  as  buffer 
overflows,  Orrin  says,  the  corpo¬ 
rate  policy  ideas  contained  in 
written  secure-coding  practices 
“usually  sit  on  a  shelf  gathering 
dust.”The  pressure  to  get  product 
out  the  door  sometimes  means 
the  code  review  isn’t  as  thorough 
as  it  could  be. 

Michael  Howard,  Microsoft’s 
senior  program  manager  in  the 
security  business  and  technolo¬ 
gies  unit,  last  week  refuted  any 
suggestion  that  Microsoft  ships 
any  product  before  thorough 
security-based  code  evaluation. 

“We’ve  delayed  products  such 
as  Windows  Server  2003  for  nine 
months  because  of  security 


issues,” says  Howard,  whose  job  is 
to  foster  expertise  among  Micro¬ 
soft  programmers  through  a  con¬ 
tinuing  education  process  and 
what  he  describes  as  a  “buddy 
system”  that  teams  security 
experts  with  programmers. 

But  Microsoft  only  has  about  a 


Windows 

weaknesses 

Microsoft  identified  14 
vulnerabilities  in  its 
Windows  XP,  NT,  2003, 
2000  and  98  products 
last  week.  Here  are  the 
most  critical  ones: 

Windows  Local  Security 
Authority  Service  Server 

•  Flaw  permits  attacker  to 
completely  compromise  system. 

Secure  Sockets  Layer 

•  Attacker  can  launch  denial- 
of-service  attack. 

ASN.1  vulnerability 

•  Permits  remote-execution 
of  code. 

Windows  DCOM/Remote 
Procedure  Call 

•  Attack  could  cause  denial 
of  service  or  possibly  execu¬ 
tion  of  arbitrary  code  with 
System  privileges. 

For  more  information,  see  www.microsoft. 
Gom/technet/default.mspx  and  www. 
ccrt.org. 


dozen  of  these  security  specialists 
to  interact  with  about  20,000  soft¬ 
ware  engineers.  Howard  says 
Microsoft  is  looking  at  doing 
more  online  training  to  be  able  to 
“scale”  the  process. 

Redmond  makes  use  of  home¬ 
grown  code-review  tools,  includ¬ 
ing  the  desktop-based  Prefix  for 
static  code  review  and  Prefast 
that  runs  on  servers.  Prefast  even¬ 
tually  might  be  added  to  Micro¬ 
soft’s  Visual  Basic  development 
tool.  Microsoft  also  sometimes 
turns  to  outside  firms  —  eEye 
Digital  Security  is  one  —  for 
independent  review  of  products. 

In  fact,  eEye  Digital  Security 
months  ago  uncovered  several  of 
the  most-critical  vulnerabilities 
that  Microsoft  identified  last 
week.  But  eEye  COO  Firas  Raouf 
says  word  of  the  vulnerabilities 
was  kept  quiet  until  a  patch  could 
be  devised. 

EEye  Digital  Security,  which 
sells  vulnerability  scanners 
and  will  soon  announce  a 
host-based  intrusion-prevention 
product,  relies  on  crack-shot 
bug-hunters  and  tools  devel¬ 
oped  in-house  to  pinpoint  hard- 
to-see  flaws  in  software. 

Raouf  adds  that  the  firm  some¬ 
times  has  contests  to  see  which 
team  of  researchers  can  find  secu¬ 
rity  holes  and  fix  them.“At  the  end 
of  the  contest,  they  might  win  a 
trip  to  Hawaii  or  a  laptop,”  he  says, 
adding  eEye  also  will  hire  outside 
evaluators,  such  as  Neohapsis,  to 
check  eEye  products. 


Much  security  review  remains 
manual  —  and  might  be  more  art 
than  science  —  though  auto¬ 
mated  tools  for  application  and 
source-code  analysis  are  becom¬ 
ing  more  available.  Freeware 
tools,  such  as  Splint  or  the  Rough 
AuditingTool  for  Security  (“Rats”) 
maintained  by  Secure  Software, 
also  can  be  of  help. 

Getting  automated 

HB  Gary’s  BugScan,  as  well  as 
Parasoft’s  Automated  Error  Pre¬ 
vention  software  tool,  released 
earlier  this  year  for  uncovering 
security-related  mistakes  related 
to  SQL  and  buffer  overflows  in  the 
C  and  C++  coding  process,  are 
part  of  the  trend  toward  automat¬ 
ed  security  code  reviews.  Spi 
Dynamics  and  Sanctum  each  re¬ 
cently  began  offering  their  Web 
security-test  tools  integrated  into 
Mercury  Interactive’s  Test  Director 
quality-assurance  test  tool. 

Start-ups  in  the  area  are  prolif¬ 
erating. 

Last  month  a  company  named 
Reasoning  began  offering  a  “bug- 
identification  service”  for  analyz¬ 
ing  source  code  for  security 
flaws.  Earlier  this  month,  start-up 
Fortify  Software  introduced  its 
Source  Code  Analyzer  Server,  a 
$50,000  per  CPU  software  pack¬ 
age  that  C,  C++  and  Java  develop¬ 
ers  can  use  to  detect  weaknesses 
in  their  nightly  builds  of  code. 

Fortify  also  offers  a  $25,000  tool 
called  Red  Team  Workbench  for 
Windows  and  Linux  servers  that 


can  help  security  specialists 
check  for  exploits  aimed  at  Web 
applications  and  XML-based  Web 
services. 

Finally, start-up  Ounce  Labs  next 
month  May  plans  to  ship  Prexis,  a 
tool  designed  for  use  by  CIOs  and 
chief  security  officers  to  evaluate 
C  or  C++  source  code  that  devel¬ 
opers  produce. 

“This  is  a  tool  for  those  with 
responsibility  for  understanding 
where  risks  are,”  says  Jack 
Danahy,  president  and  CEO  of 
Ounce  Labs.  The  company  says 
that  Prexis,  which  starts  at 
$50,000.  is  said  to  run  at  compil¬ 
er  speed  to  evaluate  applications 
for  security  risks,  presenting  the 
information  as^V-Density”  reports 
of  vulnerabilities  that  need  to  be 
addressed. 

While  Microsoft  last  week  had 
a  lot  of  explaining  to  do,  anyone 
who  thinks  its  operating  systems 
are  worse  in  terms  of  vulnerabil¬ 
ities  than  say,  Linux,  is  going  to 
be  surprised  by  a  report  that 
security  expert  Stuart  McClure, 
president  and  CTO  at  security 
products  vendor  Foundstone, 
will  publish  next  month. 

In  his  apples-to-apples  study 
comparing  the  history  of  flaws 
discovered  in  several  versions  of 
Linux  to  Microsoft  software, 
McClure  says,  “Linux  is  worse” 
with  about  10%  more  flaws 
uncovered.® 
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Introducing  the  new  HP  ProLiant  DL145  server  featuring  the  performance-boosting  AMD  Opteron™  processor. 

You  can  now  unleash  greater  server  performance  even  as  you  rein  in  spending.  Our  new  HP  ProLiant  DL145  server  turns  up  the  dial  on  32-bit  performance, 
owing  to  the  lightning-quick  memory  access  of  the  AMD  Opteron  processors.  Setup  is  simple.  And  based  on  industry  standards,  the  DL145  is  exceedingly 
flexible  and  scalable  to  fit  seamlessly  into  your  network,  now  and  many  quarters  down  the  road.  When  you  need  technology  solutions  that  work  harder 
within  your  budget,  demand  more  affordability  and  more  performance,  from  HP. 


HP  ProLiant  DL145 
SERVER 

$1,599 

1  xl.60GHz  AMD  Opteron  processor 
expandable  to  2  x  2.20GHz 
1GB  PC2700  DDR  SDRAM  expandable 
to  16GB 

Integrated  dual  port  10/100/1000  NICs 
1  40GB  ATA  hard  disk  drive 
1  PCI-X  64-bit/133MHz  slot 
1-Year  Limited  Global  Warranty 


invent 


To  learn  more  about  how  the  HP  ProLiant  DL145  can  give  you  an  affordable 
performance  boost,  go  to  www.hp.com/go/ProLiantAMD5  or  call  1-877-726-8112. 


Prices  shown  are  HP  direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown  are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping  to  recipient's  address.  For  hard  drives,  GB=billion  bytes.  Certain  warranty  restrictions  and  exclusions  apply. 
For  complete  warranty  details,  call  1-800-345-1518  (U.S.).  All  featured  offers  available  in  U.S.  only.  AMD,  the  AMD  Arrow  Logo,  AMD  Opteron  and  combinations  thereof  are  trademarks  of  Advanced  Micro  Devices,  Inc.  ©2004  Hewlett-Packard  Development  Company,  L.P. 
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Mendocino  revives  continuous  data 


H  BY  DENI  CONNOR 

Storage  start-up  Mendocino 
Software  isn’t  focusing  on  back¬ 
ing  up  data  —  instead,  it  wants 
to  let  users  instantly  recover 
applications  and  data,  while 
maintaining  the  integrity  of  their 
transactions. 

Competitors  such  as  Revivio 
and  TimeSpring  focus  only  on 
recovering  data. 

Mendocino’s  software  —  called 
RealTime  —  will  recover  applica¬ 
tions  such  as  PeopleSoft,  Oracle 
or  SAP  and  maintain  the  integrity 
of  their  transactions.  The  compa¬ 
ny  says  it  hopes  to  meld  the  soft¬ 
ware  it  acquired  from  defunct 
recovery  start-up  Vyant  Technol¬ 
ogy  with  the  native  transaction 
rollback  mechanisms  of  these 
database  applications. 

Analysts  say  this  is  a  smart 
strategy. 

“Mendocino  is  approaching  this 


from  the  data  level,  really  working 
to  link  application  health  to  the 
storage  environment,”  says  Jamie 
Gruener,  a  senior  analyst  with  The 
Yankee  Group.  “Lots  of  software 
will  recover  the  data  sets,  but 
understanding  how  those  data 
sets  relate  to  the  application  is 
crucial." 

Mendocino’s  host-based  soft¬ 
ware,  which  runs  on  Solaris  and 
A1X  servers,  lets  users  instantly 
recover  data  and  continue  their 
operations  uninterrupted. 

“It  has  a  GUI  with  a  time-slide 
on  it  that  lets  you  roll  back  trans¬ 
actions  to  any  point  in  time, ’’says 
Dan  Kinne,  vice  president  of  IT 
for  the  Silver  State  Schools 
Credit  Union  in  Las  Vegas. 

“Before  using  RealTime  it 
could  take  us  hours  to  days  to 
recover  data,”  Kinne  says.  “In 
most  cases  we  would  have  to 
restore  back  to  our  previous 
close  of  day  and  recover  for¬ 


Summit 

continued  from  page  8 

machines  can’t  run  the  educational  applications. 

The  presentation  in  Denver  drew  900  people,  who  attended  daylong 
seminars  after  receiving  a  summary  of  current  tools  and  a  review  of 
Microsoft’s  security  road  map  from  Richard  Kaplan,  who  last  week  was 
appointed  corporate  vice  president  for  business  development  mar¬ 
keting  and  emergency  response  in  Microsoft’s  Security  Business  Unit. 

Kaplan  said  Microsoft  will  evaluate  adding  security  features  in  XP 
SP2  to  older  operating  systems,  but  he  said,  “We  have  no  commit¬ 
ments  yet.” 

Despite  calls  for  some  changes,  most  users  say  it’s  about  time 
Microsoft  made  the  commitment  to  secure  its  software  and  applaud¬ 
ed  the  company’s  ongoing  efforts,  which  began  in  earnest  two  years 
ago  with  its  Trustworthy  Computing  initiative. 

“Windows  has  always  been  designed  to  be  easy  to  use;  now  they 
have  to  make  up  for  lost  time’’  said  Michael  Henry,  a  developer  with 
Manakoa  Service  Group  in  Boulder,  Colo.,  which  develops  software 
for  risk  management  and  regulatory  compliance.  Henry  said  that 
ease  of  use  fuels  security  problems  with  Microsoft  software. “In  time 
they  will  improve,”  said  Henry,  adding  that  Manakoa  will  take  advan¬ 
tage  of  the  new  security  features  in  its  future  tools. 

However,  Microsoft  did  not  hear  encouragement  from  everyone. 

“Things  are  sure  to  get  worse  before  they  get  better  because  hack¬ 
ers  have  seen  Microsoft’s  weaknesses,  and  they  continue  to  exploit 
them,” said  Ray  Haschenburger,  president  of  Alternative  Computers  in 
Denver,  an  IT  contractor  to  government  organizations.“Users  are  get¬ 
ting  close  to  the  attitude  of  ‘fix  it  or  get  off  the  pot.’” 

Haschenburger  said  he  already  sees  Linux  creeping  into  govern¬ 
ment  organizations  for  security  and  reliability  reasons.  “Years  ago 
complaints  about  daily  patches  for  HP-UX  hurt  HRand  the  same  sce¬ 
nario  is  hurting  Microsoft  nowf  he  said.  “They  are  running  scared 
because  this  [Denver  security  summit]  is  packed  with  people  look¬ 
ing  for  better  security” 

Roberta  Bragg,  an  independent  computer  security  evangelist  who 
spoke  at  the  summit  in  Denver,  said  evaluating  Microsoft’s  job  on 
security  has  to  take  into  account  all  the  products  they  have.“Microsoft 
is  doing  a  tremendous  job,  but  they  have  a  long  way  to  go,” she  said. 

Bragg  said  Microsoft  can’t  escape  accountability  for  all  its  products, 
but  that  other  vendors,  IT  administrators  and  end  users  must  all  play 
a  part  in  securing  a  network  environment.  ■ 


■  PROFILE: 


MENDOCINO  SOFTWARE 

Location: 

Fremont,  Calif. 

Founded: 

March  2003 

Primary 

product: 

RealTime  Instant  database  recovery  software 

Cost: 

$65,000  per  terabyte  protected 

Management: 

Peter  Levine,  CEO;  Steven  Colman,  president 
and  COO;  Jeff  Rothschild,  CTO.  All  were 
previously  with  Veritas  Software. 

Funding: 

$15  million  from  Mayfield,  Accel  Partners,  Advent 
International  and  Foundation  Capital. 

Fun  fact: 

One  Mendocino  software  architect  keeps  a  cattle 
prod  in  the  office  to  motivate  employees  to  meet 
deadlines. 

ward.  Thirty-two  percent  of  our 
customers  are  active  Internet 
banking  users  and  Vegas  is  a  24- 
hour  town,  so  you  always  need 
to  be  available.” 

With  Mendocino’s  RealTime 
software  all  changes  to  an  appli¬ 
cation  are  recorded  and  time- 
stamped  as  they  are  written  to 
disk.  If  the  application  fails,  the 
software  can  rewind  it  to  the 
closest  minute  before  the  fail¬ 
ure.  This  is  unlike  traditional 
backup  and  recovery,  replication 
or  snapshot  backups,  which  are 
limited  by  the  frequency  a  cus¬ 
tomer  uses  them  to  back  up  the 
network.  RealTime  restores  data 
by  rewinding  the  previously 
queued  data  until  it  has  moved 
beyond  the  system  crash  point. 

“Customers  have  a  server  with 
a  critical  application  running  on 
it,  and  they  need  to  be  sure  that 
server  can  be  recovered  as 
quickly  as  possible  to  the  point 
in  time  closest  to  when  it  failed,” 
says  Chris  Eidler,  vice  president 
of  product  operations. 

Observers  will  ask  why  anyone 
would  expect  Mendocino  to 
succeed  when  Vyant  didn’t.  John 
Wernke,  vice  president  of  mar¬ 
keting  for  Mendocino,  says  there 
are  two  reasons. 


“When  you  look  at  Vyant,  they 
had  awesome  capabilities  to 
produce  intellectual  property 
but  never  had  the  business 
savvy  the  distribution  and  the 
partnerships  that  make  a  com¬ 
pany  successful,”  Wernke  says. 
“You  also  have  analysts  saying 
that  2004-2005  is  the  right  time 
for  recovery  technologies  and 
disk-based  backup.” 

Gartner  indicates  that  back-up 
products  increasingly  will  man¬ 
age  data  based  on  recovery-time 
objectives.  Further,  the  firm  esti¬ 


mates  that  by  2007,  more  than 
50%  of  data  will  be  recovered 
from  disk,  up  from  5%  of  data 
recovered  from  disk  today. 

“My  concern  is  less  with  the 
technology  than  it  is  with  the 
fact  that  this  company  is  a  start¬ 
up,”  says  Mike  Karp,  a  senior  ana¬ 
lyst  for  Enterprise  Management 
Associates. 

Wernke  says  Mendocino 
counts  10  companies  as  its  cus¬ 
tomers.  Among  them  is  long-dis¬ 
tance  provider  Startec  Global 
Communications.  ■ 


Netifice  to  unwrap  VPN  service 


■  BY  DENISE  PAPPALARDO 

Netifice  Communications  is  expected  to  an¬ 
nounce  this  week  an  upgraded  VPN  service  that 
eliminates  the  need  for  customers  to  install  con¬ 
centrators  at  their  sites. 

The  company’s  Network-based  IPSec  VPN  service 
goes  beyond  to  Netifice’s  current  VPN  offering, 
which  requires  customer  premises  equipment 
(CPE)  to  be  deployed  at  each  customer  site. 

Netifice  has  upgraded  its  Cisco  7206  Provider 
Edge  routers  with  new  software  and  cards  to  sup¬ 
port  its  new  fully  managed  service. 

The  service  provider  has  Cisco  routers  deployed 
in  all  its  32  points  of  presence  across  the  country 
The  dollar  amount  the  service  provider  has  invest¬ 
ed  in  the  upgrades  is  not  publicly  available,  says 
Greg  Davis,  vice  president  of  marketing  and  prod¬ 
uct  management  at  Netifice. 

The  Leather  Factory  has  deployed  Netifice’s 
Network-based  IPSec  VPN  service  to  connect  all  52 
of  its  retail  stores,  says  Steven  Stratton,  IT  manager 
at  the  national  retail  chain. 

The  retailer  took  bids  from  AT&T,  Qwest, 
Broadwing,  MCI,  Sprint  and  Netifice,  but  Stratton 
says  Netifice  was  the  only  carrier  willing  to  mix  a 
variety  of  DSL  speeds  and  access  technologies 
such  as  cable,  satellite  and  dedicated  T-l  to  the 
same  VPN.  “It  was  one  of  the  key  reasons  why  we 


chose  Netifice,”  he  says. 

Netifice  is  not  the  first  to  offer  a  network-based 
VPN.  Many  of  its  competitors,  including  AT&T, 
Sprint  and  MCI,  offer  such  a  service.  But  the  ser¬ 
vice  provider  does  claim  to  offer  users  a  cost 
advantage. 

The  company  is  charging  $30  per  month,  per 
site,  for  its  Network-based  IPSec  VPN  service  on 
top  of  a  user’s  standard  access  fees.  Users  can 
expect  to  “save  about  one-third  off  of  what  they 
paid”  for  CPE-based  VPN  services  from  most 
providers,  Davis  says. 

Netifice  customers  typically  will  pay  about  $150 
per  month,  which  includes  the  VPN  service  fee,  for 
the  VPN  service  with  a  symmetric  DSL,  asymmetric 
DSL  line  or  satellite  connectivity  through  Netifice 
partner  Hughes  Network  Systems,  Davis  says. 

Netifice  works  with  a  dozen  DSL  service  providers 
and  a  handful  of  other  carriers,  including  New  Edge 
Networks  and  AT&T,  to  offer  dedicated  T-l  and  frame 
relay  access  to  its  network.  T-l  or  frame  relay  VPN 
connectivity  can  cost  up  to  $400  per  month,  per  site, 
for  both  access  and  VPN  service. 

The  company  also  offers  users  service-level 
agreements  (SLA)  that  cover  its  last-mile  partner 
networks.  The  standard  SLA  guarantees  99.9%  net¬ 
work  availability,  round-trip  network  latency  that 
does  not  exceed  160  millisec  and  packet  delivery 
that  does  not  fall  below  99.7%.  ■ 
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10S  overhaul 

Cisco  says  its  device  software  will  be  more  modular  in  the  future. 


Features  on  IOS  images  today  are  bundled  into 
unique  builds  of  the  software,  often  requiring  the 
entire  image  to  be  loaded  to  install  a  new  feature: 

IOS  image  example  for  a  Cisco  3640  router: 

C3640-IGO-M 

_ _ i  . _ i  i _ . 


Platform  identifier  Feature  set  Image  execution  location 


A  sample  of 
common 
feature  sets: 


Feature  set 

Content 

A2 

ATM 

B 

AppleTalk 

G 

ISDN  subset 

1 

IP  subset 

O 

Firewall 

Cisco  is  proposing  a 
modular  architecture 
overhaul  to  IOS,  in  which 
features  would  run  in 
partitions  and  could  be 
added  on  top  of  an 
underlying  IOS  kernel: 
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SOURCE:  CISCO  IOS  IN  A  NUTSHELL  BY  JAMES  BONEY 


Cisco 

continued  from  page  1 

the  Internetwork  Operating  System 
(IOS)  improvements  were  a  long  time 
coming,  while  others  contend  that  such 
an  architectural  change  could  engender 
a  new  set  of  network  problems  for  router 
administrators. 

Mike  Volpi,  senior  vice  president  of  Cis¬ 
co’s  Routing  Technology  Group,  outlined 
the  IOS  plans  last  week  during  an  interview 
with  Network  World  editors. 

“Modularity  means  you  have  the  ability 
to  partition,”  Volpi  said.  “So  you  have  a 
real-time  kernel  that  runs  underneath  it, 
rather  than  the  classic  embedded  kernel 
of  IOS.”  This  partitioning  will  make  the 
operating  system  more  reliable  by  reduc¬ 
ing  downtime  because  of  bug  fixes,  fea¬ 
ture  additions,  upgrades  or  unplanned 
events,  he  said. 

Versions  of  IOS  run  on  almost  all  Cisco 
equipment,  from  small-office  to  carrier- 
class  routers  and  the  company’s  Catalyst 
enterprise  switches,  security  appliances 
and  Wi-Fi  gear. 

The  software’s  current  architecture  is 
tightly  bundled,  even  monolithic,  experts 
say  IOS  includes  a  base  software  image 
with  embedded  features  that  are  compiled 
for  specific  builds  to  perform  certain  tasks 
—  from  IP  and  legacy  protocol  support  to 
firewalling  and  VoIP 

“To  put  a  feature  on  a  router, you  can't  just 
add  the  little  pieces  you  want,”  says  James 
Boney  author  of  the  book  Cisco  IOS  In  A 
Nutshell." You  have  to  upload  a  whole  new 
IOS  version  and  then  reboot,”  he  says.  “If 


Router 

continued  from  page  1 

featuring  a  modular  version  of  IOS  will  be 
on  display  in  mid-June  at  the  annual 
Supercomm  telecom  conference  in 
Chicago. 

“It  will  be  there,  I’m  quite  certain,” he  said 
of  what  will  become  the  company’s  top-of- 
the-line  system. 

Though  details  remain  sketchy,  the  so- 
called  HFR  will  be  a  single  rack,  16-slot 
router  with  single-port  OC-768c  mod¬ 
ules,  making  Cisco  perhaps  the  first  to 
unveil  the  new  high-speed  interfaces  on 
a  core  router.  Cisco  offers  dual-port  20G 
bit/sec  OC-192c  blades  for  its  “40G 
bit/sec  per  slot  capable”  12816  router, 
which  is  the  company’s  current  high-end 
offering. 

The  HFR  is  expected  to  support  at  least 
640G  bit/sec  of  system  capacity,  though 
be  scalable  to  multiterabits  via  chassis 
interconnection. 

Also,  in  supporting  the  new  modular  IOS, 
Cisco  says  the  product  will  protect  differ¬ 
ent  router  features  by  placing  them  in  sep¬ 
arate  compartments.  Juniper  and  Procket 
Networks  say  they  offer  such  capabilities  in 
their  routers. 

For  Cisco,  the  stakes  are  high  as  it  intro¬ 
duces  its  new  system.The  company’s  share 
of  the  high-end  router  market  slipped  in 


you  get  it  wrong,  you  have  to  do  it  over’’ 

Even  though  IOS  is  still  monolithic, Volpi 
said  the  software  has  become  more  parti¬ 
tioned  over  the  last  few  years.  Chunks  of 
feature  code  are  now  separated,  so  they 
don’t  interfere  with  each  other  or  with  core 
routing  functions. 

While  an  entire  IOS  image  still  must  be 
loaded  during  feature  upgrades,  the  parti¬ 
tioning  has  set  the  stage  for  the  new  mod¬ 
ular  IOS  architecture. 

“Most  of  the  newer  [IOS  feature]  mod¬ 
ules  have  been  reasonably  well  partitioned 
off  already  Volpi  says.  “They  may  not  have 
the  Posix-like  API,  [similar]  to  a  Unix  oper¬ 
ating  system, but  those  are  relatively  easy  to 
add  because  we  designed  it  with  that 
modularity  in  mind.” 

He  adds  Cisco  also  will  continue  to  sup¬ 
port  IOS  as  it  exists  today 

A  modular  IOS  is  something  Cisco  has 
been  cooking  for  years,  says  Frank  Dzu- 
beck,  president  of  consulting  firm  Com¬ 
munications  Network  Architects. 

“It’s  going  to  be  an  improvement,  in  that  it 
will  be  extremely  more  stable  in  the  long 
run,”Dzubeck  says.  It  also  could  help  users 
deploy  IOS-based  gear  faster  in  large  net¬ 
works.  Before  new  IOS  builds  are  put  on 
live  networks  today  “a  lot  of  regression  test¬ 
ing  has  to  be  done,  which  can  take  months 
because  you  might  turn  on  one  option  that 
affects  others,”  he  says. 

Anticipated  Cisco's  move 

Corporate  users  say  they’ve  anticipated 
the  move  by  Cisco  and  are  eager  to  see 
the  code. 

“At  a  high  level,  we’ve  heard  about  this” 


the  fourth  quarter  from  66%  to  62%,  while 
Juniper’s  rose  3%  to  31%,  according  to 
Dell’Oro  Group. 

Juniper  has  been  selling  its  high-end 
router,  the  640G  bit/sec  T640,  for  about  two 
years  and  has  beaten  Cisco  out  on  some 
key  contracts.This  includes  the  core  router 
piece  of  the  huge  Global  Information  Grid 
-  Bandwidth  Expansion  network,  which  the 
U.S.  Department  of  Defense  Information 
Systems  Agency  is  building. 

“It’s  tough.  We  wish  we  would  have  won 
it, ’’Volpi  said. “We’re  doing  a  lot  of  things  to 
shore  ourselves  up  and  try  to  minimize 
how  much  Juniper  gear  they  actually  buy 
Over  time  as  we  introduce  newer  devices, 
we’ll  probably  have  an  interesting  opportu¬ 
nity  to  reopen  that  whole  discussion.” 

Meanwhile,  the  market  for  core  routing  is 
heating  up.  It  grew  22%  in  2003  from  2002 
and  is  expected  to  rise  another  31%  this 
year,  according  to  Dell’Oro. 

Demand  isn’t  currently  seen  as  being 
huge  for  OC-768c  packet-over-SONET,  al¬ 
though  some  of  the  world’s  largest  service 
providers  are  requesting  the  technology 
“With  the  exception  of  a  few  critical  POPs, 
by  and  large  10G  [trunks]  are  certainly 
pienty’Volpi  says. 

“Cisco’s  planning  for  the  level  of  demand 
now  —  current  demand  is  nonexistent," 
says  Mark  Bieberich,  an  analyst  at  The 
Yankee  Group.  ■ 


IOS  change,  says  Dick  Emford,  lead  net¬ 
work  analyst  for  plastics  manufacturer 
Newell  Rubbermaid  of  Freeport,  Ill.  “It 
sounds  like  a  great  idea.” 

Emford  says  whittling  down  the  myriad 
IOS  versions  to  a  few  core  software 
builds  is  a  chore  for  his  network  staff, 
which  manages  more  than  1,000  IOS- 
based  devices  across  Newell  Rubber- 
maid’s  WAN  and  LANs. 

“It  would  be  great  to  get  more  granularity 
with  IOS,  so  you  could  pick  functions  you 
want  to  support  at  a  site  and  load  only 
those,”  Emford  says.“IOS  is  so  big,  and  there 
is  so  much  functionality  in  there  that  peo¬ 
ple  don’t  need  anymore.  There  are  a  lot  of 
services  [in  IOS  code]  that  just  sit  there  tak¬ 
ing  up  memory’ 

“A  modular  IOS  is  something  we’ve  been 
inquiring  about,”  says  Dave  Wiltzius,  net¬ 
work  division  leader  at  Lawrence  Liver¬ 
more  National  Laboratory,  a  U.S.  Depart¬ 
ment  of  Energy  research  facility  in  Liver¬ 
more,  Calif. 

He  points  out  that  Cisco  is  not  the  first 
major  network  vendor  to  move  toward 
modularizing  its  operating  system.  Extreme 
Networks  in  December  launched  its  Unix- 
based  ExtremeWare  XOS  operating  system 
for  its  BlackDiamond  10K  core  switch. The 
device  runs  on  an  open  source  Unix  kernel 
with  modules  —  such  as  security,  routing 
and  redundancy  protocols  —  that  can  be 
turned  on  and  off  while  the  switch  stays 
online.  Wiltzius  tested  the  Extreme 
BlackDiamond  10K  recently  in  a  lab. 

“We  were  kind  of  surprised  at  how  much 
we  really  liked  that  capability’Wiltzius  says. 
“It  really  was  not  as  painful  a  process  to 
fine-tune  the  software  environment  [on  the 
switch]  to  match  what  we  needed,”  com¬ 
pared  with  the  process  of  fine-tuning  an 
IOS  image  for  a  specific  task. 

Wiltzius  says  plans  to  deploy  the  Ex¬ 
treme  box  in  production  were  stalled  for 
budget  reasons.  However,  the  Extreme- 
Ware  XOS-type  of  functionality  in  IOS 
would  be  helpful  because  Lawrence 
Livermore  is  predominantly 
a  Cisco  shop,  he  says. 

With  Cisco  gear  carrying 


about  80%  of  the  world’s  Internet  traffic,  a 
modularized  IOS  could  help  carriers  run 
the  ’Net  more  efficiently  analysts  say 

Modular  operating  systems  “are  in¬ 
creasingly  important  as  carriers  consoli¬ 
date  [point  of  presence]  architectures,” 
says  Mark  Bieberich,  an  analyst  at  The 
Yankee  Group.  With  the  new  functional¬ 
ity  “a  carrier  could  partition  a  router  to 
perform  core  functions  —  such  as  aggre¬ 
gation,  peering  and  treatment  of  [Multi¬ 
protocol  Label  Switching]  VPNs  —  in 
one  physical  system.” 

Bieberich  says  this  treatment  usually 
requires  separate  and  distinct  physical 
devices.  As  such,  modular  operating  sys¬ 
tems  could  lead  to  “tremendous  reductions 
in  operating  costs”  by  cutting  the  number 
of  devices,  and  trunks  and  links  be¬ 
tween  devices. 

While  the  proposed  IOS  overhaul  will 
be  useful,  drawbacks  might  surface,  ana¬ 
lysts  say. 

“Any  new  software,  even  minor  upgrades, 
always  have  issues,”  says  David  Newman, 
president  of  Network  Test,  a  network  equip¬ 
ment  evaluation  firm,  and  a  Network  World 
Lab  Alliance  member.  “Getting  people  to 
adopt  it  might  also  be*an  issue.  For  many 
enterprises,  it  might  be  akin  to  upgrading  a 
jet  engine  in  mid-flight.” 

Dzubeck  adds  that  if  IOS  is  made  more 
Unix-like, “there  could  be  situations  where 
a  module  could  be  added  that  would  open 
up  a  hole.You  didn’t  have  that  before  in  IOS 
because  it  was  totally  closed.” 

Ironically  some  IOS  security  issues  have 
cropped  up  recently  Reports  have  surfaced 
that  hacker  tools,  built  to  exploit  known 
weaknesses  in  certain  wired  and  wireless 
Cisco  gear, now  are  circulating  the  Internet. 

Volpi  says  this  doesn’t  expose  any  funda¬ 
mental  flaw  in  Cisco  technology  nor  does 
it  represent  a  great  threat  to  users. 

“So  far,  we’ve  shown  to  be  pretty  robust, 
and  there  are  no  major  issues  that  at  least 
we  know  of,”  he  said. “Being  an  embedded 
operating  system  that  sits  in  a  router,  [we] 
don’t  quite  get  the  attention 
that  a  Windows  does  with  a 
community  of  hackers.”  ■ 
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WEIGHING  THE  COST  OF  LINUX  VS.  WINDOWS? 
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One  Linux  image  running  on  One  Windows  Server  2003  image 

two  z900  mainframe  CPUs  running  on  two  900  MHz  Intel  Xeon  CPUs 


Linux  was  found  to  be  over  10  times  more  expensive  than  Windows  Server™  2003  in  a  recent  study. 
The  study,  audited  by  leading  independent  research  analyst  META  Group,  measured  costs  of 
Linux  running  on  IBM's  z900  mainframe  for  Windows-comparable  functions  of  file  serving  and 
Web  serving.  The  results  showed  that  IBM  z900  mainframe  running  Linux  is  much  less  capable 
and  vastly  more  expensive  than  Windows  Server  2003  as  a  platform  for  server  consolidation. 

To  get  the  full  study  and  other  third-party  findings,  visit  microsoft.com/getthefacts 


C  2004  Microsoft  Corporation  All  rights  reserved.  Microsoft,  Windows,  the  Windows  logo,  Windows  Server,  and  Windows  Server  System  are  either  registered  trademarks  or  trademarks  of 
Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners. 
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Charles  Schwartz,  executive  director  of  the  Digital  Cinema  Lab,  is  shown 
with  a  Christie  Ml 5  Digital  Cinema  Projector. 


Cinemas 

continued  from  page  1 

costs  for  studios;  estimates 
range  from  50%  to  90%  off  the 
$1  billion  spent  annually  now.  In 
addition,  supporters  say  it  will 
result  in  new  revenue  streams 
for  theater  owners  and  provide 
crisper,  clearer  movies. 

It  also  will  create  IT  jobs. 

There  are  more  than  35,700 
movie  screens  in  the  U.S.at 
6,000-plus  cinemas  —  most  of 
which  have  no  networks  to 
speak  of,  says  John  Fithian,  presi¬ 
dent  of  the  National  Association 
of  Theater  Owners. 

“Some  have  a  computer 
hooked  up  to  a  slow  dial-up 
line,  and  some  don't  even  have 
the  computer,"  Fithian  says.  At 
one  end  of  the  spectrum  are 
large  chains  such  as  Regal 
Entertainment  Group,  which 
owns  6,000  screens  and  is  the 
furthest  along  with  its  network 
build-out.  But  there  are  many 
“mom  and  pop”  cinemas  with 
two  or  three  screens  in  small 
towns  that  “don’t  even  have 
e-mail  addresses,”  he  says. 

Digital  cinema  technology 
promises  to  change  much  of 
that  over  the  next  few  years.  At  a 
minimum,  each  theater  owner 
will  have  to  deploy  a  server  to 
decrypt  and  recombine  film 
package  elements  it  receives 
from  a  satellite  or  fiber  connec¬ 
tion. That  server  will  send  film 
files  over  the  theater’s  LAN  to 
digital  cinema  projectors,  which 
will  show  the  movies. 

That’s  a  far  cry  from  the  way 
movies  are  distributed  today  — 
copied  on  celluloid,  put  on 
reels,  dropped  in  cans  and  phys¬ 
ically  delivered  to  theaters. 
These  copies  are  never  of  the 
same  quality  as  the  master  ver¬ 
sion,  and  typically  become  dam- 
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■  THIS  WEEK’S  QUESTION: 

Which  company  was 
once  known  as  Post 
OfficeTelecommuni- 
cations? 

Stumped?  Get  the  answer  online. 
Visit  Netwerk  World  Fusion  and  enter 
2349  in  the  Search  box. 


aged,  scratched  and  dirty  after 
weeks  of  showings. 

A  sneak  peek 

Regal,  the  largest  theater  chain 
in  the  U.S.,has  had  lots  of  prac¬ 
tice  with  digital  content  and  net¬ 
works.  In  2002  it  started  develop¬ 
ing  its  digital  network,  not  to  sup¬ 
port  film  but  for  advertising,  pre¬ 
show  entertainment  and  alter¬ 
nate  shows  such  as  rock  con¬ 
certs  and  corporate  training. 
Regal  says  it  plans  to  use  the  net¬ 
work,  called  the  Digital  Content 
Network  (DCN),to  support  digi¬ 
tal  cinema  for  movies. 

The  DCN  is  part  of  Regal 
CineMedia,  a  wholly  owned  sub¬ 
sidiary  of  Regal,  and  is  overseen 
by  Tom  Galley  executive  vice 
president  and  CTO  at  Regal 
CineMedia. 

Galley  spent  the  past  two  years 
completing  the  design,  testing, 
development  and  installation  of 
the  network.  Having  a  back¬ 
ground  in  IT,  Galley  says  he  is 
still  learning  about  “the  popcorn 
and  the  movies  and  all  that." 

He  was  the  first  employee  on 
the  project.  Since  then  he’s 
added  about  150  people  to  his 
staff,  which  includes  creative, 
post-production  and  special- 
events  folks.  About  50  people 
are  operations  staff,  who  handle 
the  digital  network,  which  in¬ 
cludes  networks  in  each  theater 
that  are  monitored  from  an 
operations  center  in  Centennial, 
Colo.  With  nearly  $72  million 
spent,  the  work  on  the  network 
is  nearly  complete,  Galley  says. 

“By  the  first  of  July  we’ll  have 
about  5,000  screens  and  a  little 
over  400  theaters  online,”  he 
says.  Using  satellite  multicasting 
services  from  Hughes  Network 
Systems,  his  team  distributes 
content  to  Regal  theaters  across 
the  country. 


After  such  a  big  investment, 
you  might  think  Regal  would  be 
ready  for  digital  cinema,  but 
standards  and  equipment  inter¬ 
operability  work  remains. 

There  are  two  primary  stan¬ 
dards  groups  that  will  let  the 
film  industry  move  to  digital 
technology  These  groups  are 
the  Society  of  Motion  Picture 
and  Television  Engineers 
(SMPTE)  and  the  Digital 
Cinema  Initiative  (DCI),a  con¬ 
sortium  of  the  seven  largest  stu¬ 
dios,  including  Disney  and 
Warner  Bros.  These  groups  also 
are  talking  with  international 
organizations  to  ensure  that  dig¬ 
ital  cinema  standards  are 
adopted  worldwide. 

SMPTE  and  the  DCI  are  work¬ 
ing  with  the  third  version  of  the 
digital  cinema  standard  draft 
and  are  testing  products  at  the 
Digital  Cinema  Lab,  which  was 
formed  in  2000  at  the  University 
of  Southern  California’s  Enter¬ 
tainment  Technology  Center  in 
Hollywood. 

The  groups  have  agreed  on 
things  such  as  how  digital 
files  will  be  packaged  and  de¬ 
livered,  which  include  a  hybrid 
approach  of  satellite  and  broad¬ 
band  services.  There  also  is  the 
option  of  shipping  the  files  on  a 
physical  disk,  especially  as 
back-up  systems. 

The  standards  bodies  still  are 
hashing  out  some  issues,  such  as 
whether  encrypted  files  should 
be  decoded  in  new  digital  pro¬ 
jectors  or  at  a  secure  server.  The 
Motion  Picture  Association  of 
America  says  the  industry  loses 
more  than  $3  billion  a  year 
because  of  piracy. 

“Encryption  of  digital  files  will 
go  a  long  way  to  prevent  pirates 
from  getting  their  hands  on  the 
motion  picture,”  says  Charles 
Schwartz,  executive  director  of 


the  Digital  Cinema  Lab. 

Another  unresolved  issue  is 
creating  a  business  model  that 
works.  It’s  still  not  clear  who 
will  pay  for  the  expensive  digi¬ 
tal  cinema  network  and  equip¬ 
ment  upgrades  required  at  cin¬ 
emas.  Fithian  says  theater  own¬ 
ers  and  the  DCI  are  working  to 
come  up  with  a  business 
model  that  could  include  being 
subsidized  from  sources  to  be 
determined. 

Fithian  says  today  it  costs  the 
studios  $1,000  to  $1,500  to  pro¬ 
duce  one  copy  of  one  film  and 
drop  it  in  a  can  for  distribution. 
“A  digital  copy  will  cost  less 
than  $100,”  he  says. 

But  the  cost  of  moving  to  digi¬ 
tal  cinema  is  going  to  be  great. 
For  a  large  chain  such  as  Regal, 
upgrading  to  digital  cinema  pro¬ 
jectors  will  cost  at  least  $450 
million,  as  the  projectors  are 
three  to  five  times  more  expen¬ 
sive  than  35mm  systems,  accord¬ 
ing  to  industry  estimates. That 
translates  to  a  $2.65  billion 
upgrade  for  digital  cinema  pro¬ 


jectors  for  theater  owners  across 
the  country.  And  these  figures 
do  not  cover  the  cost  of  servers, 
network  gear  or  IT  staff. 

Supporters  of  digital  cinema 
say  this  is  a  crucial  year  for 
making  the  move  to  the  new 
system. The  standard  is  expect¬ 
ed  to  be  finalized  later  this  year 
and  early  adopters  will  likely 
start  rolling  out  gear  soon  after. 
But  change  in  any  industry 
doesn’t  happen  quickly. 

“It  will  take  years  to  make  this 
happen,”  Fithian  says.“But  there’s 
light  at  the  end  of  the  tunnel.”  ■ 


Got  great  ideas 


■  Network  World is  looking 
for  more  Wider  Net  stories.  If 
you  have  a  story  idea  about 
an  offbeat  network  industry- 
related  topic  or  a  fascinating 
personality  we  should  profile, 
contact  Bob  Brown  at 
bbrown@nww.com. 


AirFlow  backs  out 
of  WLAN  switches 

■  BY  JOHN  COX 

AirFlow  Networks’  decision  last  week  to  scrap  its  wireless  LAN  switch 
might  be  the  first  tremor  in  an  expected  shakeout  of  this  market. 

The  company,  which  launched  its  switch  last  September,  decided  it 
would  be  too  expensive,  and  too  risky,  to  compete  with  a  flock  of  other 
similar  start-ups.  Instead,  it  will  try  to  license  its  software  to  its  former 
rivals,  as  well  as  to  Ethernet  switch  vendors  and  WLAN  chip  makers. 

“If  we  were  going  to  maintain  a  systems  business,  we’d  have  to  build 
out  an  international  sales  organization,  spend  money  on  marketing, 
staff  up  technical  support,  and  spend  money  trying  to  duplicate  all  the 
features  and  functions  that  a  dozen  other  vendors  have,”  says  Brian 
Jenkins,  AirFlow’s  vice  president  of  marketing. 

Aaron  Vance,  a  senior  analyst  with  Synergy  Research  Group,  says  the 
move  makes  sense  and  should  enable  AirFlow  to  better  exploit  its  VoIP 
over  WLAN  and  other  intellectual  property 

“There’s  going  to  be  some  consolidation, ’’Vance  says. “The  market  is 
just  not  going  to  be  able  to  support  all  of  these  companies.” 

Because  most  are  privately  held  and  reveal  few  financial  or  other 
numbers,  it’s  difficult  to  get  a  read  on  the  financial  health  of  the  WLAN 
switch  vendors.  WLAN  switches  made  their  debut  last  year,  but 
researchers  have  been  frustrated  in  getting  shipment  numbers,  leading 
to  suspicions  on  their  part  that  not  many  units  are  being  bought. 

“I’ve  sent  surveys  out  to  the  WLAN  switch  guys  for  the  last  few  quar¬ 
ters,  with  only  Symbol  and  Aruba  agreeing  to  report,”  says  Gemma 
Paulo,  senior  analyst  with  In-Stat/MDR.  Symbol,  which  is  publicly  held 
company,  reported  shipping  3,200  switch  units  in  the  fourth  quarter  of 
2003,  up  from  2,145  in  the  third  quarter.  Aruba  said  it  shipped  176  units 
in  the  fourth  quarter,  up  from  74  in  the  third. 

Cisco  doesn’t  actually  sell  a  WLAN  switch,  but  is  considered  the  dom¬ 
inate  player  in  enterprise  WLANs  given  its  36%  to  45%  share  of  the  high- 
end  access  point  market  in  the  latter  half  of  last  year,  according  to 
Synergy.  Plus,  Cisco  plans  to  enable  its  traditional  switches  to  handle 
wireless  traffic.  Extreme  Networks,  Foundry  Networks  and  other  estab¬ 
lished  switch  makers  have  already  done  this.B 


Can  your 
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share  the 
wealth? 


AT&T  VIRTUAL  PRIVATE  NETWORKS.  Can  your  network  play  well  with  others?  Can  it  share  information  with 
customers  across  the  country?  Or  communicate  with  employees  across  the  globe?  AT&T  designs,  implements 
and  manages  Virtual  Private  Networks  that  make  it  easy  to  share  all  your  business-critical  applications  over 
the  Internet.  They  even  allow  you  to  evolve  your  networks  at  your  own  pace,  while  delivering  reliable, 
consistent  and,  most  importantly,  secure  performance.  So  your  door  will  always  be  open  for  the  people  you 
do  business  with.  And  slammed  shut  for  the  ones  you  don’t.  CAN  YOUR  NETWORK  DO  THIS? 
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For  a  network  that  can,  call  1-888-889-0234 
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Business  players  are  scattered 
across  the  globe  and  AT&T  is 
uniquely  positioned  to  offer 
the  most  comprehensive  set  of 
network-  and  premises-based 
Virtual  Private  Network  (VPN) 
solutions  to  help  keep  your 
clients,  suppliers,  business 
partners  and  remote  workers 
connected.  Now  that’s  bringing 
the  world  of  business  together. 

AT&T’s  VPN  Portfolio  includes: 

•  Global  implementations  that 
help  your  business  expand. 

•  Network  resiliency  with 
class  of  service  capabilities 
supported  by  industry-leading 
service  level  agreements  (SLAs). 


AT&T’s  network  keeps  your  players  in 
the  game  no  matter  where  they  are 


AT&T  VPN  Portfolio  offers  a  comprehensive  suite  of  global  network-  and 
premises-based  implementations  that  range  from  individual  components  to 
tailored  end-to-end  solutions  supporting  the  advanced  application  needs  of 
today’s  enterprises  -  extending  to  critical  members  of  your  SCM,  CRM  and 
ERP  business  models. 

AT&T  Network-based  VPNs  utilize  Multiprotocol  Label  Switching  (MPLS), 
an  advanced  IP  routing  technology,  to  provide  globally  consistent  networking 
environments  designed  to  provide  the  flexibility  of  distributed  communications 
with  traffic  prioritization  through  classes  of  service. 

AT&T  Premises-based  VPNs  are  delivered  by  adding  intelligent  devices  to 
the  customer  premises  over  either  the  AT&T  Global  IP  Network,  for  users 
requiring  a  high  performing  network,  or  the  Internet,  for  users  requiring 
ubiquitous  access  with  extended  reach.  AT&T  offers  multiple  tunneling 
options,  including  IP  Security  (IPSec)  and  Secure  Sockets  Layer  (SSL), 
allowing  you  to  tailor  your  premises-based  solution  to  meet  your 
networking  requirements. 


•  Leading-edge  network 
architectures  for  united 
connections  with  a  variety 
of  access  options  available. 

•  Secured  networking  with 
privacy,  encryption  and 
authentication  capabilities. 

•  Management  continuum 
ranging  from  a 
customer-managed  to  an 
AT&T  managed  solution, 
including  proactive  network 


INDUSTRY  ANALYSTS  ARE  SAYING: 

•  "Customers  feel  safe  with  AT&T.  That  is  a  very  rare  accolade  indeed, 
given  the  trauma  of  operating  in  the  global  telecoms  environment  in 
recent  times.” —  Janet  Watkin,  Telemark  Consulting  UK 

•  In  a  recent  Telemark  Consulting  UK  poll,  AT&T’s  IP  VPN  Services  were 
rated,  “Excellent”  by  network  managers  worldwide. 

•  According  to  Forrester  Research,  AT&T  is  the  best  in  the  VPN  business 
with  a  future-proof  global  VPN  architecture.  —  Choosing  The  Right  VPN, 
Forrester  Research,  Inc.,  March  2003 

•  IDC  Rated  AT&T  top  of  all  U.S.  IP  VPN  managed  carriers  for  market 
share  and  market  leadership. 


monitoring  and  management. 


For  more  information,  contact  your  AT&T 
Representative,  or  visit  www.att.com/networking. 


AT&T  Virtual  Private  Network.  ©  2004  AT&T.  All  Rights  Reserved.  Printed  in  U.S.A,  AB-0166 


1  www.nwfusion.com 


News 


4/19/04 


NetworkWorld 


m 


Quantum  crypto  coming  to  light 


■  BY  ELLEN  MESSMER 

Quantum  cryptography  a  technology  that 
uses  photons  to  encrypt  communications 
over  fiber-optic  lines  and  the  air,  is  starting  to 
come  out  of  the  laboratory  and  into  commer¬ 
cial  use. 

MagiQ  Technologies  recently  began  selling 
the  worlds  first  commercially  available  point- 
to-point  quantum-crypto  box.  Separately  a 
Swiss  company  called  Id  Quantique  will  start 
pilot  tests  of  its  encryptor  with  banks  and 
other  businesses.  Both  companies’  boxes  start 
at  $50,000. 

“We  are  confident  there  will  be  a  market, 
but  the  question  is:  How  long  will  it  take  to 
grow?"  says  Grigoire  Ribordy,  founder  of  Id 
Quantique. 

The  technology  has  been  in  the  works  for 
two  decades  and  has  received  considerable 
financial  backing  from  the  U.S.  military. 
Supporters  say  quantum  cryptography  will 
make  cracking  datastreams  more  difficult 
than  ever,  in  part  because  it  makes  possible 
the  changing  of  encryption  keys  —  such  as 
those  based  on  Triple-DES  or  Advanced 
Encryption  Standard  —  at  the  dizzying 
speed  of  about  100  times  per  second.This  so- 
called  quantum-key  distribution  method  is 
potentially  a  better  way  to  exchange  keys  for 
point-to-point  encryption  than  what  is 
offered  in  current  symmetric-key  technolo¬ 
gies.  Quantum  crypto  also  automatically 
detects  when  anyone  is  trying  to  eavesdrop 
on  a  communications  stream. 

“With  quantum  key  distribution  there’s  no 
way  of  breaking  the  ke^’  says  Charles  Ben¬ 
nett,  IBM  research  staff  member  and  IBM  fel¬ 
low.  He  invented  the  basic  quantum  crypto 
technology,  called  BB-84,  with  colleague 
Gilles  Brassard  of  the  University  of  Montreal, 
back  in  1984. “It  differs  from  the  more  ordi¬ 
nary  methods,  such  as  Diffie-Hellman 
Factoring.” 

Despite  such  advances,  the  technology  has 
its  challenges,  including  distance  limitations. 

Id  Quantique’s  encryption/decryption  unit, 
dubbed  the  ID500  (it  features  optical  phase 
modulators,  couplers,  single-photon  detec- 


NetScreen  goes 

■  BY  TIM  GREENE 

NetScreen  Technologies  last  week  rolled  out 
a  firewall/VPN  box  with  a  modular  design  for 
adding  new  security  functions. 

The  NetScreen-ISG  2000  has  three  slots  for 
blades  supporting  applications  such  as  virus 
screening,  intrusion  prevention  and  content 
filtering.  The  blades  will  have  independent 
processing  power  so  that  adding  applications 
doesn’t  slow  firewall  and  VPN  performance. 

One  NetScreen  customer  who  has  used  the 
company’s  older  500  and  5000  devices,  which 
do  not  have  the  add-on  processor  cards,  says 
he  prefers  the  new  design.  When  Layer  7 
packet  screening  was  added  to  these  earlier 


Henry  Yeh,  program  director  at  BBN  for  the 
quantum  cryptography  project,  stands  by  a  pho¬ 
ton  machine  -  nicknamed  Anna  -  that  will  be 
installed  soon  at  Harvard  University  for  quantum 
cryptography  experiments. 

tors  and  diodes),  is  limited  to  less  than  62 
miles  before  the  photons  performing  the 
encryption  lose  their  force  over  a  fiber-optic 
line.  “For  the  first  pilot  tests,  we’ll  only  go  a 
few  kilometers,”  Ribordy  says. 

MagiQ’s  QPN  gateway  also  has  distance 
issues,  which  the  company  tackles  by  adding 
a  repeater  after  74  miles  “to  regenerate  the 
photon  amplification,”  says  Andrew  Hand, 
vice  president  of  business  development. The 
box  is  limited  to  encryption  at  100M  bit/sec, 
although  the  company  hopes  to  push  that  to 
10G  bit/sec. 

There  are  no  commercial  wireless  “free 
space”  quantum  crypto  products  yet,  but 
many  research  labs  are  seeking  to  push  back 
the  barriers  there  as  well.  The  National 
Institute  of  Standards  Technology  has  at¬ 
tained  a  distance  of  18  miles  at  312M  bit/sec 


modular 

devices,  they  took  “a  significant  performance 
hit,”  says  Jeff  Murphy,  senior  communication 
system  administrator  for  the  State  University  of 
New  York  at  Buffalo. 

NetScreen’s  efforts  with  the  ISG  2000  parallel 
those  undertaken  by  vendors  such  as  Cisco 
and  Fortinet  to  combine  intrusion  detection 
and  prevention  on  firewall/VPN  devices. 

Throughput  on  the  ISG  2000  —  2G  bit/sec 
for  firewall,  1G  bit/sec  VPN  —  falls  between 
that  of  the  NetScreen  500  and  5000.  The  ISG 
2000  supports  up  to  24  10/100M  bit/sec 
Ethernet  ports  to  attach  to  other  LAN  devices. 

Pricing  runs  from  $38,000  to  $115,000. 
Intrusion-detection  and  -protection  modules 
are  scheduled  to  be  out  later  this  year.  ■ 


with  its  experimental  equipment,  says 
research  scientist  Carl  Williams. 

Quantum  crypto,  however,  has  failed  to  win 
over  some  experts  of  traditional  crypto  meth¬ 
ods, who  argue  that  the  technology  is  overkill 
for  most  businesses,  which  already  have 
many  tried-and-true,  strong,  point-to-point 
encryptors  in  place. 

“It’s  technically  intriguing,  it  offers  higher 
strength  and  speed  potentially,  but  do  we 
have  applications  that  need  that?”  says  Taher 
Elgamal,  founder  of  company  Security  and 
the  inventor  of  the  widely  used  Secure  Sock¬ 
ets  Layer  protocol  for  the  Web. 

“I  don’t  think  it  provides  anything  in  terms 
of  practical  advances,"  says  crypto  expert 
Bruce  Schneier,  founder  of  security  firm 
Counterpane.“I  don’t  think  it’s  anything  more 
than  a  fascinating  quantum  mechanics  area 
of  research.” 

The  U.S.  government,  in  particular  the 
military,  begs  to  differ.  It  has  long  seen  the 
potential  of  free-space  quantum  crypto  in 
securing  satellites,  for  example.  Quantum 
crypto  was  also  on  the  agenda  at  last  week’s 
International  Society  for  Optical  Engin¬ 
eering’s  Defense  and  Security  Symposium  in 
Orlando. 

Three  years  ago,  the  Defense  Advanced 
Research  Projects  Agency  (DARPA)  started 
the  Quantum  Information  Science  and 
Technology  program,  and  millions  of  dollars 
in  research  funding  related  to  quantum  cryp¬ 
tography  has  since  gone  to  universities  and 
companies  to  show  it  can  work. 

BBN  Technologies,  for  instance,  is  doing 
DARPA-funded  research  in  both  free  space 
and  fiber-optics  quantum  crypto. 

“Every  year  DARPA  wants  to  see  some 
breakthroughs,”  says  Henry  Yeh,  program 
director  for  quantum  cryptography  at  BBN. 
“The  long-term  goals  are  things  like  earth-to- 
space  communications  and  ground  use.” 

BBN’s  lab  is  working  on  a  prototype  for 
satellite  communications,  and  Chip  Elliott,  a 
senior  engineer  at  BBN,  says  he’s  convinced 
it’s  going  to  be  possible  to  eventually  get 
much  better  mileage  over  the  air  than 
in  fiber. 

“With  fiber, you  can  only  get  about  50  miles 
due  to  single  photons  getting  absorbed  by 
the  fibers,”  he  says.“But  space-based,  it  looks 
like  you  could  get  10,000  miles.”  The  air 
brings  its  own  problems,  though,  with 
clouds,  dust  and  unsettled  conditions  creat¬ 
ing  interference. 

BBN,  which  has  so  far  only  used  its  quan¬ 
tum-cryptography  gear  in  the  lab,  plans  its 
first  outside  tests  next  month  by  setting  up 
dark-fiber  links  with  Harvard  University  to 
encrypt  data  between  the  two  sites.’The  step 
after  that  would  be  to  try  it  on  normal 
installed  telecom  fiber,”  Elliott  says. 

Some  technology  watchers  say  quantum 
crypto  continues  to  have  an  aura  of  secrecy 
because  the  greatest  demand  for  it  is  coming 
from  the  military  and  financial  sectors  that 
guard  very  sensitive  data. “If  you  need  it,  you 
don’t  want  people  to  kno\^”  says  Trent  Henry, 
an  analyst  at  Burton  Group.  ■ 
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Takes 

■  RackSaver,  which  sells  servers 
and  software  used  to  build  high-per¬ 
formance  computing  clusters,  last 
week  acquired  systems  management 
software  vendor  MPI  Software 
Technology  for  an  undisclosed  sum. 
RackSaver  has  changed  its  name  to 
Verari  Systems.  Verari  plans  to 
combine  its  own  BladeView  and 
RackView  systems  management 
software  with  MSTI’s  cluster  man¬ 
agement  products,  creating  an  inte¬ 
grated  product  that  will  be  called 
Verari  Command  Center,  the  com¬ 
pany  said. 

■  Iomega  is  branching  out  from  the 
desktop  market  with  the  introduction 
of  a  back-up  drive  for  small  compa¬ 
nies.  The  Rev  35G  byte/90G  byte 
drive  comes  with  software  that  auto¬ 
matically  will  back  up  small  servers 
and  individual  desktop  computers  on 
the  network.  If  a  server  fails,  the  Rev 
drive  will  reboot  the  server  and 
restore  its  operating  system,  applica¬ 
tions  and  data. The  2.5-inch-by-2.5-inch 
cartridge  is  removable.  It  can  transfer 
data  eight  times  faster  tape  and  is 
half  as  expensive  as  Digital  Data 
Storage-4  tapes,  the  company  says. 
The  Rev  drive  works  with  Windows 
Server  2003;  Linux  will  be  supported  in 
the  future.  The  drive  starts  at  $380; 
disk  cartridges  cost  $60. 

■  Intel  said  last  week  it  plans  to 
update  its  Itanium  2  processor  line 
with  two  new  configurations  of  the 
chip,  designed  for  dual-processor 
servers.  A  1.4-GHz  version  of  the 
processor  with  3M  bytes  of  level  3 
cache  is  available,  and  a  faster,  1.6- 
GHz  version  with  the  same  amount 
of  cache  will  be  available  next 
month,  the  company  said.  A  variety 
of  computer  vendors  including  Dell, 
Fujitsu  and  IBM  plan  to  ship  systems 
with  the  processors,  Intel  said.  These 
servers  are  expected  to  be  faster 
and  cost  approximately  30%  less 
than  current  Itanium  dual-processor 
systems,  which  are  built  with  the  1.4- 
GHz  processor  that  Intel  launched 
last  September.  That  chip  contains 
1.5M  bytes  of  cache. 
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■  LAN/WAN  SWITCHES  AND  ROUTERS 

■  ACCESS  DEVICES  ■  SERVERS  ■  VPNS 

■  OPERATING  SYSTEMS  ■  NETWORKED  STORAGE 

■  VOIP  ■  WIRELESS  NETWORKS 


Sun  redirects  server  technology 


■  BY  JENNIFER  MEARS 

Sun  is  pushing  a  processor  technology 
that  it  says  will  let  single  chips  within 
servers  handle  multiple  tasks  at  the  same 
time.  This  will  increase  system  perfor¬ 
mance  by  as  much  as  30  times  of  today’s 
boxes,  the  company  says. 

The  idea,  called  throughput  computing, 
is  propelling  Suns  microprocessor  strategy 
which  the  company  recently  modified  to 
give  greater  attention  to  its  multithreading 
efforts.  Earlier  this  month,  Sun  announced 
it  was  scrapping  two  “conventional”  micro¬ 
processor  projects  it  had  in  the  works  for 
years  to  focus  on  its  throughput  computing 
technology 

Gone  are  the  UltraSparc  Y  code-named 
Millennium,  a  new  RISC  design  for  mid¬ 
range  and  high-end  servers,  and  Gemini,  a 
dual-core  chip  aimed  at  low-end  systems. 

See  Sun,  page  18 


Changing  course 

Sun  has  shifted  microprocessor  plans  to  focus  on  what  it  calls  throughput 

computing,  a  technology  that  lets  chips  handle  multiple  tasks  at  the 

same  time. 

•  February  2003.  At  its  analyst  conference,  Sun  introduces  its  throughput  computing 
initiative.  A  chip  code-named  Niagra,  based  on  technology  acquired  from  Afara 
Websystems,  is  expected  to  roll  out  by  2005. 

•  August  2003.  Sun  says  it  will  introduce  systems  in  2004  based  on  Gemini,  a 
microprocessor  that  contains  two  UltraSparc  II  cores. 

•  February  2004.  Sun  unveils  UltraSparc  IV,  a  chip  with  two  UltraSparc  III  cores 
and  the  first  to  offer  the  multithreading,  throughput  computing  technology. 

•  April  2004.  Sun  confirms  that  is  has  shelved  plans  for  Gemini,  based  on  the  older 
UltraSparc  cores,  and  its  Millennium  project  (UltraSparcV),  which  was  based  on  an 
entirely  new  chip  architecture,  in  order  to  focus  on  Niagra  and  another  multicore 
chip  for  midrange  and  high-end  servers,  code-named  Rock.  Niagra  is  expected  to 
roll  out  in  2006,  with  Rock  following  in  2007. 


Expand  overhauls  compression  line 


■  BY  TIM  GREENE 

Expand  Networks  is  introducing  a  set  of 
software  plug-ins  and  other  upgrades  to 
the  operating  software  for  its  acceleration 
devices  to  further  speed  site-to-site  corpo¬ 
rate  WAN  traffic. 

New  software  modules  for  the  company’s 
Accelerator  appliances  reduce  the  amount 
of  traffic  that  specific  applications  must 
send  across  congested  WAN  links,  making 
the  applications  perform  faster  —  two  to 
four  times  faster,  the  company  says. 

These  capabilities  are  in  addition  to  what 
the  devices  already  did:  compress  traffic. 
Customers  buy  Expand  devices  in  pairs 
and  place  one  at  each  end  of  a  WAN  link, 
between  the  LANs  and  the  WAN  routers. 
The  Accelerators  compress  traffic  bound 
for  the  second  location,  Expand  says.  The 
company  competes  against  FeribitJTWorx, 
Packeteer  and  FatPipe  and  newcomer 
Riverbed. 

The  new  Acceleration  Plug-Ins  reduce 
traffic  for  specific  protocols  that  com¬ 
monly  run  over  WANs:  HTTRSecure-HTTR 
DNS,  FTP  and  TCP  Most  of  these  include 
caching  repetitive  elements  of  the  traffic 
so  it  is  served  up  locally  by  the  Expand 
box  rather  than  drawn  from  a  server 
across  the  WAN  connection. The  plug-ins 
are  part  of  the  operating  system  upgrade. 
The  upgrade  also  supports  Layer  7  quality 


of  service  (QoS)  so  the  devices,  for  exam¬ 
ple,  can  distinguish  individual  Web  appli¬ 
cations,  whereas  before  all  Web  traffic 
was  treated  equally 

This  Layer  7  QoS  will  let  Eagle  Global 
Logistics  give  its  universal  Web-based 
shipping  software  priority  over  other  Web 
traffic,  says  Daniel  Gonik,  senior  network 
engineer  for  the  international  freight 
company. The  company  grew  through  the 
acquisition  of  other  companies,  each  of 
which  used  its  own  shipping  software. 
Standardizing  on  a  new  Web-based  appli¬ 
cation  last  fall  meant  greater  demand  on 
network  links  between  about  50  interna¬ 
tional  locations  and  data  centers  in 
Houston,  London  and  Singapore,  Gonik 
says.  Layer  7  QoS  distinguishes  the  ship¬ 
ping  application  from,  say,  Web  browsing 
so  business  is  transacted  faster,  and 
browsing  takes  a  back  seat. 

Installing  Expand  gear  also  avoided  the 
need  to  add  bandwidth  on  Eagle  Global’s 
WAN,  and  in  some  cases  the  devices 
enabled  the  reduction  of  bandwidth  from 
256K  to  64K  bit/sec,  he  says.  Either  via  cost 
savings  or  cost  avoidance,  the  Expand 
Accelerators  are  saving  Eagle  Global  about 
$1  million  per  year,  and  individual  pairs  of 
the  appliances  have  paid  for  themselves 
within  a  month,  he  says. 

Gonik  says  new  support  for  Open 
Shortest  Path  First  routing  in  Expand’s  oper¬ 


ating  software  will  let  Expand  boxes  swap 
routing  information  and,  if  one  fails,  find  an 
alternate  route  to  reach  one  of  the  data 
centers. 

Previously  the  boxes  supported  only  sta¬ 
tic  routes  that  required  human  interven¬ 
tion  if  an  appliance  failed,  he  says.  The 
software  upgrade  also  compresses  traffic 
without  masking  Multi-protocol  Layer 
Switching  markers  on  packets  so  cus¬ 
tomers  can  reduce  traffic  on  MPLS  VPNs. 

Expand  also  is  introducing  three  hard¬ 
ware  devices.Two  are  beefed-up  versions 
of  earlier  devices.  The  first  is  the  4020, 
which  has  4M  bit/sec  throughput  for 
$5,500,  twice  the  speed  for  half  the  price 
of  the  older  4002. The  second,  due  out  in 
June, is  called  6840, which  can  support  up 
to  350  sites,  250  more  than  the  previous 
6810  at  the  same  price  of  $25,000. 

The  6810  gives  Expand  a  device  to  com¬ 
pete  with  Peribit’s  largest  devices, says  Pfeter 
Firstbrook,  a  senior  research  analyst  at 
Meta  Group. 

Expand  also  is  introducing  a  Secure 
Sockets  Layer  acceleration  device  that 
offloads  SSL  connections  from  servers  and 
compresses  traffic  before  it  is  sent  over 
WAN  links.  Called  HTTPS  Accelerator,  the 
base  model  costs  $29,000.  This  device 
puts  Expand  in  competition  with 
FineGround,  NetScaler  and  Redline 
Networks,  Firstbrook  says.  ■ 
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I  was  in  Australia  recently  to  speak  at  the 
Marcus  Evans  conference  of  Identity 
and  Access  Management  in  Sydney, and 
my  wife  and  I  took  the  opportunity  to 
spend  some  vacation  time  along  the  coast 
of  New  South  Wales  exploring  its  attrac¬ 
tions.  Driving  my  rental  car  on  the  left  side 
of  the  road  wasn’t  a  major  problem,  and 
putting  the  turn  signal  stalk  on  the  right 
side  of  the  steering  wheel  with  the  left-side 
stalk  controlling  windshield  wipers  wasn’t 
a  problem  most  of  the  time.  When  I  knew  a 
turn  was  coming,  or  could  see  I  wanted  to 


Operating  systems  can  take  some 


change  lanes, there  was  time  to  think  about 
what  I  was  doing  and  use  the  correct  stalk. 
This  could  have  led  to  a  dangerous  situa¬ 
tion,  but  fortunately  didn’t. 

How  does  that  relate  to  you?  Many  peo¬ 
ple  are  changing  the  operating  systems 
they’re  working  with  these  days,  migrating 
from  NetWare,  Windows  or  Unix  to  Linux 
for  their  servers  and  hosts.  The  movement 
to  Linux  on  the  desktop  is  also  gathering 
steam  (but  the  jury  is  still  out  on  whether 
this  will  become  a  tide  of  change  or 
merely  a  momentary  ripple).There  are  sim¬ 
ilarities  among  all  these  operating  systems 
but  when  you’ve  used  one  relatively  exclu¬ 
sively  for  many  years,  you  become  condi¬ 
tioned  to  look  for  certain  signs  that  indi¬ 
cate  potential  problems  and  instinctively 
react  to  those  signs. 

A  new  operating  system,  like  the  roads  in 


New  South  Wales,  might  disguise  some  of 
those  signs  so  you  don’t  seem  them  until 
it’s  almost  too  late  to  react.  When  you  do,  it 
might  be  the  reflex  reaction  of  many  years’ 
training  rather  than  the  action  needed  for 
your  new  operating  system.  One  solution  is 
to  use  the  new  operating  system’s  scripting 
capabilities  to  alias  your  old  actions  (trivial 
example:  in  Linux  create  a  DIR  command 
that  does  an  LS).  The  better  course  of 
action,  though,  is  to  learn  the  tools  before 
you  really  need  to  use  them  in  an  emer¬ 
gency  Try  practicing  “emergency”situations 
to  train  yourself  to  react  correctly  The  net¬ 
work  you  save  could  be  your  own. 

Kearns,  a  former  network  administrator,  is 
a  freelance  writer  and  consultant  in  Silicon 
Valley.  He  can  be  reached  at  wired@vquill. 
com. 


Storage  management 
standard  advances 


■  BY  DENI  CONNOR 

PHOENIX  — The  Storage  Network  Indus¬ 
try  Association  announced  recently  that 
most  of  the  industry’s  leading  vendors  now 
comply  with  the  Storage  Management 
Initiative  Specification,  a  group  of  proto¬ 
cols  that  let  storage  software  and  cus¬ 
tomers  who  use  that  software  manage  het¬ 
erogeneous  storage  devices. 

At  Storage  Networking  World  in  Phoenix, 
14  vendors  demonstrated  SMI-S-conform- 
ing  products.  Among  them  were  Brocade 
Communications,  CNT,  EMC,  Hitachi  Data 
Systems,  HP  IBM,  McData,  StorageTek  and 
Sun.The  vendors  tested  their  products  with 
SNIAs  Conformance  Testing  Program 
(SN1A-CTP),  which  validates  that  storage 
products  have  the  SMI-S  standardized  man¬ 
agement  interface.  If  products  conform  to 
SNIA-CTPusers  will  know  they  will  be  able 
to  manage  them  in  a  uniform  way 

“For  customers,  this  will  make  life  a  lot 


easier  to  do  heterogeneous  management,” 
says  Jamie  Gruener,  a  senior  analyst  for  The 
Yankee  Group. 

SMI-S  grew  out  of  work  done  on 
Common  Information  Management  within 
the  Desktop  Management  Task  Force.  The 
current  version  of  SMI-S,  Version  1.0.2,  lets 
software  vendors  create  management  sys¬ 
tems  that  identify  classify,  monitor  and  con¬ 
trol  physical  and  logical  storage  resources. 

Kent  Smith,  principal  consultant  for  IPSO, 
a  business  systems  integrator  in  Wayland, 
Mass., says  this  standard  will  be  beneficial. 

“Once  people  start  developing  SMI-S 
applications  and  as  the  industry  starts  ac¬ 
cepting  it  as  something  that’s  going  to  be  a 
standard  inclusion  in  their  products,  the 
rationale  for  it  will  become  more  apparent,” 
he  says.“For  instance.it  will  be  cool  if  we  can 
start  using  EMC  TimeFinder  software  against 
any  [vendors’]  hardware  that’s  out  there.” 

Vendors  complying  with  SMI-S  are 
expected  to  ship  products  next  year.  ■ 


Sun 

continued  from  page  17 

Sun  concedes  that  tough  economic  times 
—  the  company  recently  laid  off  3,300 
employees  and  says  it  expects  to  lose  as 
much  as  $810  million  in  the  upcoming 
quarter  —  have  pressured  it  to  make  the 
shift. 

But  David  Yen,  executive  vice  president 
of  processor  and  network  products  at  Sun, 
also  says  that  the  company  made  the 
change  to  direct  its  resources  to  the 
throughput  computing  technology. 

“You  talk  with  CIOs  throughout  the 
world  and  more  and  more  the  challenge 
to  them  is  not  the  speed  of  getting  one  job 
done.  Instead,  it’s  how  to  maintain  the  abil¬ 
ity  to  deal  with  the  mass  volume  of 
requests,”  he  says. 

Technology  such  as  3G  mobile  data 
transmission  and  radio  frequency  identifi¬ 
cation,  combined  with  the  move  toward 
utility  computing,  will  increase  exponen¬ 
tially  the  number  of  networked  devices 
and  the  workload  servers  handle, Yen  says. 

Conventional  chip  architectures  have 
been  too  focused  on  optimizing  for  one 
job,  Yen  says.  Analysts  note  that  while 
processor  speeds  are  increasing,  memory 
limitations  can  slow  throughput.  Sun’s 
approach  is  to  let  multiple  cores  on  one 
piece  of  silicon  handle  multiple  simultane¬ 
ous  threads,  software-based  instructions 
that  must  be  processed. 

Analysts  seem  to  like  the  idea. 

“Today  servers  can  be  idle  up  to  75%  of 
the  time  while  their  processors  stall  wait¬ 
ing  for  data  from  memory,  leaving  consid¬ 
erable  room  for  improvement  in  proces¬ 
sor  design,”  IDC  analysts  wrote  in  a  Sun- 
sponsored  white  paper  on  the  company’s 
throughput  computing  strategy.“By  focus¬ 
ing  on  increased  application  workload 
throughput  instead  of  clock  speed,  Sun’s 
[chip  multithreading]  processors  could 
deliver  significant  increases  in  application 
performance.” 

But  the  white  paper  also  notes  that  chal¬ 
lenges  remain  such  as  competitive  threats 


That's  management 

Here  is  a  sampling  of  the  vendors  that  support  the  upcoming  (SMI-S) 
standard,  which  will  provide  for  automated  provisioning. 

Company 

Products 

Brocade 

Silkworm  switches 

CNT 

FC/9000  Fibre  Channel  Directors 

EMC 

Clariion  CX  and  FC4x00  arrays;  Symmetrix 

Hitachi  Data  Systems 

Lightning  andThunder  arrays 

HP 

StorageWorks  Disk  Array  XP;  Enterprise  Virtual  Array, 
Modular  Disk  Array,  B  Class  Fibre  Channel  switches 

IBM 

Enterprise  Storage  Server 

McData 

Intrepid  and  Spherion  switches 

Network  Appliance 

FAS270C,  F825C,  F880C,  FAS940C,  FAS960C,  FAS980C 

Sun 

Storedge  3000 
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funny  turns 


Tip  of  the  Week 


NetWare  network  man¬ 
agers  can  get  Novell's 

new  Nterprise  Linux  Services 

(www.novell.com/products/ 
linux/)  and  run  the  old,  famil¬ 
iar  NetWare  utilities  and 
apps  even  while  moving  to  a 
new  operating  system  plat¬ 
form.  Not  only  should  this 
help  your  reaction  time,  but 
it  promises  to  make  Linux  a 
better  business  tool. 


from  companies  such  as  IBM,  which  says 
it  will  include  multithreading  technology 
in  the  upcoming  Power5,  and  alternative 
architectures  such  as  clusters,  blades  and 
grids  that  are  aimed  at  tying  together 
smaller  systems  to  improve  throughput. 

Sun  took  the  first  step  in  its  throughput 
computing  effort  with  the  introduction  of 
the  UltraSparc  IV  earlier  this  year,  which 
contains  two  cores  and  a  dual-threaded 
architecture.  However,  in  2006,  customers 
can  expect  their  first  real  glimpse  of 
throughput  computing  with  the  advent  of 
systems  based  on  Niagra,  a  chip  design 
that  includes  technology  from  Afara  Web- 
systems,  which  Sun  acquired  in  2002. 

The  first  generation  of  Niagra,  which  will 
be  optimized  for  networks  that  face  work¬ 
loads  such  as  security  processing,  will  have 
eight  cores,  each  capable  of  handling  four 
threads. 

“So  one  chip  could  run  32  threads  of  exe¬ 
cution  simultaneously’ Yen  says. 

Later  generations  of  Niagra  and  a  multi¬ 
threaded  chip  for  midrange  and  high-end 
systems,  code-named  Rock,  are  expected 
to  debut  in  2007.  Rock  is  intended  to  run 
applications  such  as  large  databases  or 
data  warehouses  and  so  will  have  multi¬ 
threaded  capabilities,  .and  also  will  be 
optimized  for  single-threaded  workloads. 

The  decision  to  scrap  the  Millennium 
and  Gemini  chips  “fundamentally  simpli¬ 
fies  Sun’s  road  map,”  says  Nathan 
Brookwood,an  analyst  at  Insight  64.“There 
were  just  a  lot  of  products,  and  even  if  Sun 
had  met  all  its  schedules,  these  things 
would  be  coming  on  at  relatively  short 
intervals.  And  the  systems  guys  would 
have  had  a  hard  time  keeping  up,  and  so 
would  the  end  users  who  would  have  to 
make  choices  between  the  systems."  ■ 


Servers 


Subscribe  to  our  free  newsletter. 
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Enterprise 


■  BEA  Systems  ;s  offering  cus¬ 
tomers  a  path  to  utility  computing 
through  a  partnership  with  Veritas 
Software.  BEA  last  week  signed  a 
deal  to  make  its  WebLogic  application 
server  work  better  with  Veritas  Op- 
Force,  for  automatically  provisioning 
servers;  Veritas  indepth,  for  man¬ 
aging  application  performance;  and 
Veritas  Cluster  Server,  for  linking 
servers  in  a  group.  The  closer  ties  to 
WebLogic  will  appear  in  a  version  of 
Indepth  planned  for  September  and  in 
a  version  of  OpForce  in  the  fourth 
quarter,  Veritas  said.  Veritas  Cluster 
Server  has  been  validated  for 
WebLogic  and  is  available  now.  Other 
vendors  including  HP  offer  utility  soft¬ 
ware  that  works  with  BEA's  products, 
and  the  deal  with  Veritas  gives  cus¬ 
tomers  another  option. 

■  Polycom  is  expanding  itsVSX  line 
of  videoconferencing  endpoints 

with  a  new,  self-contained  unit  de¬ 
signed  for  an  executive  desktop.  The 
VSX3000  includes  a  17-inch  flat- 
panel  display,  built-in  speakers  that 
can  support  14-KHz  audio,  a  pan-tilt- 
zoom  camera,  Advanced  Encryption 
Standard  and  support  for  the  H.264 
video  compression  standard.  It  also 
can  be  used  as  a  computer  monitor. 
Polycom  plans  to  ship  two  versions 
of  the  VSX3000  this  month:  IP-only 
for  about  $5,000  and  IP/ISDN  for 
about  $6,500. 

■  Sun  last  week  released  Java  Sys¬ 
tem  Application  Server  Platform  Edi¬ 
tion  8,  an  upgrade  to  its  application 
server  that  supports  Version  1.4  of 
the  Java  2  Platform  Enterprise 
Edition  specification.  Platform 
Edition  is  a  low-end  version  of  Sun's 
Java  software  geared  toward  pilot 
projects  and  departmental  applica¬ 
tions,  Sun  said.  Among  the  advances 
in  Version  1.4  is  support  for  the  Web 
Services  Interoperability  group’s 
Basic  Profile,  which  tells  customers 
how  to  implement  the  main  Web  ser¬ 
vices  standards  to  interoperate  with 
other  vendors’  products.  The  WS-I 
includes  large  software  makers  such 
as  BEA,  IBM  and  Microsoft. 
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DoD  pumps  up  RFID  effort 


■  BY  ANN  BEDNARZ 

U.S.  Department  of  Defense  suppliers 
should  expect  to  see  a  new  clause 
in  their  contracts  soon  that  require  the 
use  of  radio  frequency  identification 
technology. 

Making  RFID  tagging  a  contractual 
term  is  a  key  step  in  the  Defense 
Department’s  RFID  adoption  schedule. 
However,  there’s  a  lot  of  work  to  be  done 
to  finalize  the  agency’s  RFID  plans  and 
iron  out  suppliers’  implementation 
strategies. 

Last  October  the  Defense  Department 
unveiled  its  RFID  policy,  which  requires 
suppliers  to  put  passive  RFID  tags  (those 
without  an  integrated  power  supply)  on 
individual  parts,  cases  or  pallets  by 
January  2005.  The  agency  expects  that 
with  RFID-tagged  items  and  containers, 
logistics  experts  could  more  efficiently 
track  the  progress  of  military  supplies  en 
route  to  personnel. 

“The  way  we  fight  wars  is  changing.  We 
need  to  keep  abreast  of  changes  in  the 
way  that  we  do  logistics  in  order  to 
maintain  the  support  that  our  forces 
deserve,”  says  Alan  Estevez,  assistant 
deputy  under  secretary  of  defense  for 
supply-chain  integration.  “We  feel  that 


the  use  of  RFID  technology  is  critical  to 
doing  that.” 

Estevez  took  part  in  a  Defense  De¬ 
partment  summit  earlier  this  month  in 
Washington,  D.C.  The  summit’s  purpose 
was  to  update  suppliers  on  the  agency’s 
RFID  plans  and  get  feedback  on  their 
implementation  progress. 

At  the  summit,  the  biggest  concern  sup¬ 
pliers  raised  was  compatibility  between 
the  Defense  Department’s  existing 
unique  identifier  (UID)  naming  conven¬ 
tion  and  new  electronic  product  code 
(EPC)  identifiers,  Estevez  says. 

The  Defense  Department  uses  UIDs  to 
distinguish  materials  that  require  life 
cycle  tracking  —  weapons,  aircraft  parts 
and  big-ticket  items  that  cost  more  than 
$5,000,  for  example.  Global  standards 
bodies  manage  the  assigning  of  EPC 
numbers  to  be  embedded  in  RFID  tags 
to  identify  a  specific  item  in  the  supply 
chain. 

“Some  of  our  larger  UID  constructs  will 
not  fit  on  the  current  tag  capabilities,” 
Estevez  says.  The  Defense  Department 
plans  to  work  with  suppliers  individually 
to  resolve  incompatibilities,  he  says. 
Meanwhile,  “the  technology  is  evolving 
rapidly,  and  as  the  next  generation  of 
tags  and  readers  becomes  available,  we 


Compliance  costs 

Suppliers  facing  RFID  mandates 
from  the  Defense  Department, 
Wal-Mart,  Target  and  others  will 
be  spending  big.  Forrester 
Research  estimates  it  will  cost  a 
$12  billion  supplier  that  ships  15.6 
million  cases  to  Wal-Mart  more 
than  $9  million  to  roll  out  RFID  and 
fund  one  year  of  maintenance. 


Item 

Cost 

Tags 

$7,594,971 

Hardware 

$328,668 

Software 

$183,000 

Consulting  and 
integration  services 

$127,500 

Internal  RFID  team 

$314,600 

Tag  and  reading  testing 

$79,500 

Additional  warehouse 

labor 

$469,238 

Training  for  warehouse 
labor 

$39,221 

Total 

$9,136,698 

believe  that  most  of  those  issues  will  be 
resolved,”  Estevez  says. 

See  RFID,  page  20 


SiteScape  streamlines  software 

Updated  collaboration  software  lets  users  download  multiple  files  simultaneously. 


■  BY  JOHN  FONTANA 

SiteScape  this  week  is  upgrading  its  Web- 
based  collaboration  software  with  features 
designed  to  let  customers  streamline  docu¬ 
ment  handling,  access  control  and  work- 
flow. 

SiteScape  Enterprise  Forum  7.1  can 
download  multiple  files  at  one  time,  cre¬ 
ate  workflows  using  a  new  graphical 
tool,  view  more  than  200  file  formats  on 
a  Web  browser  and  set  role-based  access 
controls. 

The  company,  which  competes  with 
Documentum,  Open  Text  and  Microsoft 
ShareFbint,  has  focused  on  eliminating 
processes  that  slowed  down  users  of  its 
collaboration  software,  which  uses  a  Web 
browser  as  its  client. 

“Previously,  workflow  was  done  in  a  text 
file.  Now  we  have  a  graphical  flow  chart  ca¬ 
pability  where  you  can  take  your  workflow 


and  drag  it  around,”  says  Jeff  Thompson, 
technical  services  director  for  the  U.S. 
Navy’s  Tactical  IT  Integration  Program 
Office. 

Thompson  says  the  addition  of  a  feature 
called  multi-file  download  now  lets  end- 
users  mark  a  group  of  documents,  collect 
them  into  a  ZIP  file  and  bring  them  down 
to  their  desktop  in  one  action. 

SiteScape  also  has  added  an  HTML  view¬ 
er  that  will  render  a  read-only  copy  of  doc¬ 
uments  in  any  of  200  file  formats.  That  is  a 
boon  to  Thompson,  who  can’t  add  any  soft¬ 
ware  to  a  desktop  configuration  mandated 
by  the  military 

“The  viewer  eliminates  the  need  for  desk¬ 
top  software,  which  is  nice  for  programs 
like  Visio  that  are  real  expensive,”  Thomp¬ 
son  says. 

Forum  7.1  now  can  operate  behind  mul¬ 
tiple  levels  of  firewalls  to  increase  security, 
especially  for  database  servers  used  to 


house  documents.  The  software  also 
includes  a  new  workspace  management 
tool  to  modify  access  controls  for  users 
assigned  to  a  particular  role,  such  as  sales 
manager.  SiteScape  has  added  Lightweight 
Directory  Access  Protocol  controls  that  let 
the  Enterprise  Forum  user  and  groups  data¬ 
base  be  automatically  synchronized  with 
users  and  groups  stored  in  any  LDAP-com¬ 
pliant  directory  The  feature  lets  changes  in 
the  directory  such  as  adding  or  deleting  a 
user.be  replicated  in  the  Forum  system. 

SiteScape  also  has  added  support  for 
SuSe  Linux  and  Windows  Server  2003. 

Enterprise  Forum  7.1  costs  $99  per  user.  ■ 
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There  is  hardly  a  dearth  of  groups  wor¬ 
rying  about  cybersecurity  Yet  another 
report  on  the  subject  was  released 
this  month  by  yet  another  group  few  peo¬ 
ple  had  heard  of.The  report  has  raised  eye¬ 
brows  by  suggesting  that  buyers  should  be 
able  to  say  they  want  vendors  to  offer 
secure  systems. 

Last  month  I  wrote  about  the  purposely 
toothless  recommendations  that  the  Nat¬ 
ional  Cyber  Security  Partnership  (NCSP) 
is  releasing  (see  www.nwfusion.com,  Doc- 
Finder:  1627).  Since  I  wrote  that  column, 
the  NCSP  has  released  an  additional 
report  that  fits  the  same  mold  as  the  pre¬ 
vious  two. 

This  other  new  report,  however,  is  from 
the  Corporate  Information  Security  Work¬ 
ing  Group  (CISWG),  which  Rep.  Adam 
Putnam  (R-Fla.)  established  late  last  year. 


Patching  yesterday's  holes? 


The  group  was  established  in  lieu  of 
introducing  legislation, strongly  opposed 
by  the  business  community,  that  would 
have  forced  publicly  traded  companies 
to  include  a  report  of  an  information 
security  audit  in  their  annual  Securities 
and  Exchange  Commission  filings.  1 
guess  the  business  community  worried 
that  such  audits  might  reveal  that  corpo¬ 
rate  indifference  to  information  security 
issues  is  far  too  common.  The  threat  of 
the  truth  can  make  some  people  ner¬ 
vous. 

The  CISWG  report  consists  mostly  of 
four  lists  of  recommendations  and  some 
supporting  information,  including  a  good 
list  of  information-security-related  refer¬ 
ences  (DocFinder:  1628). The  recommen¬ 
dations,  if  fully  implemented, might  not  be 
quite  as  toothless  as  the  NCSP  recom¬ 
mendations.  That  might  or  might  not  be  a 
good  thing. 

The  Awareness  and  Education  Recom¬ 
mendations  include  developing  materials 
that  would  make  it  clear  to  home  users, 
and  others,  including  corporate  execu¬ 
tives  in  small  and  large  businesses,  that 


information  security  is  good  stuff. 

The  Best  Practices  Recommendations, 
among  other  things,  feature  establishing 
an  international  “umbrella  organization  to 
oversee  the  further  development  of  IS 
guidance  for  organizations  and  users  of 
all  sizes  and  types”  with  representatives 
from  just  about  every  walk  of  life.  Sounds 
like  a  perfect  way  to  ensure  that  nothing 
gets  accomplished. 

The  Incentives-Liability/Safe  Harbor  Re¬ 
commendations  include  throwing  the  in¬ 
surance  industry  at  the  problem  by  asking 
it  to  “modify  the  degree  of  availability  and 
the  cost  of  cyber-risk  insurance  protection 
based  on  the  degree  that  the  company 
exercises  cyber-risk  best  practices.”  This 
presumes  the  insurance  industry  would 
be  better  at  picking  effective  best  prac¬ 
tices  than  the  high-end  auditing  firms 
have  been  —  a  presumption  I  have  a  hard 
time  supporting.  But  making  it  harder  for  a 
company  that  doesn’t  even  try  to  address 
information  security  problems  to  pass  the 
risk  of  its  inaction  to  an  insurance  com¬ 
pany  is  not  a  bad  idea. 

Finally,  the  Procurement  Practices  Re¬ 
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commendations  include  the  suggestion 
that  has  attracted  the  most  attention  from 
the  news  media.  After  recommending  that 
the  U.S.  government  mandate  minimum 
configuration  security  standards  for  gov¬ 
ernment-purchased  equipment,  the  work¬ 
ing  group  recommends  providing  “an 
exemption  from  U.S.  anti-trust  laws  for  crit¬ 
ical  infrastructure  industry  groups  that 
agree  on  obligatory  security  specifica¬ 
tions  for  software  and  hardware  they 
purchase.” 

This  seems  like  the  approach  of  the  anti¬ 
virus  industry:  Most  vendors  can  only  fight 
yesterday’s  problem  because  that  is  all 
they  know. These  vendors  also  give  a  good 
road  map  of  ignored  areas. 

Disclaimer:  Harvard  does  not  confine 
history  to  the  history  department,  but  is 
not  constrained  by  it  in  other  depart¬ 
ments.  Still,  the  university  has  not  com¬ 
mented  on  this  report. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information 
Systems.  He  can  be  reached  at 
sob@sob.com. 


lAnywhere  updates  Web  application  software 


■  BY  JAMES  NICCOLAI 

lAnywhere  released  an  up¬ 
grade  to  M-Business  Anywhere 
last  week  with  features 
designed  to  make  the  mobile 
application  software  more 
attractive  to  corporate  users. 

Customers  use  M-Business 
Anywhere  to  create  Web-based 
applications  that  users  can 
access  from  devices  such  as 
PDAs.  The  new  version  adds 
support  for  laptops,  desktops 
and  tablet  PCs,  says  Diana 


Ungersma,  a  senior  product 
manager  at  iAnywhere. 

The  product  lets  companies 
develop  a  Web-based  applica¬ 
tion  for  use  on  multiple  devices 
once,  rather  than  having  to 
develop  different  versions.  It 
includes  a  client  component  to 
access  data  and  submitting 
forms  offline,  so  for  example,  a 
salesperson  could  do  paper¬ 
work  on  the  road  and  sync  up 
the  data  at  the  office. 

The  upgrade  also  has  new 
tracking  capabilities.  M- 


Business  Anywhere  has  always 
stored  such  information 
according  to  the  type  of  device 
being  used  and  the  frequency 
with  which  users  synchronize 
their  data,  but  that  information 
was  buried  in  log  files. 

IAnywhere  has  added  graphi¬ 
cal  reporting  functions  that 
make  it  easier  for  IT  depart¬ 
ments  to  keep  track  of  how  the 
software  is  being  used  in  the 
field,  Ungersma  says. 

The  company  also  added  sup¬ 
port  for  new  languages:  In  addi¬ 


tion  to  English,  the  client  inter¬ 
face  for  M-Business  Anywhere 
is  available  in  French,  German, 
Italian  and  Spanish,  Ungersma 
says.  The  new  software  release, 
Version  5.5,  is  priced  from  $68 
to  $299  per  end  user,  depending 
on  the  required  capabilities. 

A  subsidiary  of  Sybase,  iAny¬ 
where  acquired  M-Business  Any¬ 
where  when  it  bought  AvantGo 
about  a  year  ago.  The  software 
drives  the  AvantGo  consumer 
Internet  service,  which  lets  sub¬ 
scribers  view  Web  pages  on 


handheld  devices.  IAnywhere 
has  been  revving  the  software  to 
make  it  more  appealing  to  enter¬ 
prise  customers. 

In  February,  iAnywhere  said  it 
had  integrated  the  product  with 
SQL  Studio  Anywhere,  letting 
developers  create  Web-based 
applications  that  sit  on  top  of 
iAnywhere ’s  database  for  client 
devices. 

Niccolai  is  a  correspondent  with 
the  IDG  News  Service  s  San  Fran¬ 
cisco  bureau. 


IE  The  technology  is  not  ready,  and  there  is 
a  lack  of  deep  expertise  in  the  industry  to 
help  suppliers  implement  RFID.99 


RFID 

continued  from  page  19 

Analysts  are  skeptical  of  man¬ 
ufacturers’  ability  to  keep  pace 
with  RFID  mandates  from 
retailers  such  as  Albertsons,  the 
Defense  Department,  Target 
and  Wal-Mart.  Forrester  Re¬ 
search  predicts  that  only  25% 
of  suppliers  will  meet  Wal- 
Mart’s  January  2005  mandate, 
for  example. 

“There  is  no  business  case  for 
most  suppliers  in  the  short  term,” 
says  Christine  Spivey  Overby,  a 
senior  analyst  at  Forrester.  “The 
technology  is  not  ready,  and 
there  is  a  lack  of  deep  expertise 
in  the  industry  to  help  suppliers 
implement  RFID.” 

Whether  the  Defense  Depart- 


Christine  Spivey  Overby 

Senior  analyst,  Forrester  Research 


ment’s  mandate  will  launch  on 
time  remains  to  be  seen. Estevez 
says  the  Defense  Department  is 
on  track.  “We’re  not  looking  at 
any  slips  in  time  frames,”  he 
says. 

This  summer,  the  agency  will 
release  details  about  the  forth¬ 
coming  RFID  contract  clause  for 
public  comment.  Provisions  of 


the  clause  will  be  finalized  in 
August  and  September,  after 
which  it  will  begin  to  appear  in 
all  supplier  contracts,  Estevez 
says. 

Suppliers  are  onboard,  he 
insists.  “They  understand  that 
this  is  going  to  be  a  difficult 
road.There  are  going  to  be  some 
upfront  costs,  but  if  you  do  this 


properly,  the  upfront  costs  will 
come  back  in  an  ROl,”  Estevez 
says. 

Exemptions  are  not  planned, 
but  not  impossible,  Estevez  says. 
“We’re  not  looking  at  any  mea¬ 
sure  of  leniency.  Depending  on 
the  contract  terms  and  depend¬ 
ing  on  the  availability  of  the 
material,  contracting  officers  do 
have  the  ability  to  waive  certain 
contract  clauses.  But  that  is  not 
our  intent,  and  that  will  have  to 
be  done  on  case-by-case,  com¬ 
pletely  unique  basis,”  he  says. 

Since  launching  its  RFID  initia¬ 
tive  last  July,  the  Defense 
Department  has  been  in  contact 
with  other  agencies  including 
the  General  Services  Adminis¬ 
tration,  the  Food  and  Drug  Ad¬ 
ministration  and  the  Department 


of  Homeland  Security  to  discuss 
RFID  technologies  and  coordi¬ 
nate  their  programs,  Estevez  says. 

Looking  ahead,  the  Defense 
Department  plans  to  take  part  in  a 
meeting  in  the  next  few  months  with 
fellow  agencies  to  compare  RFID 
notes  and  investigate  ways  to  achieve 
a  consistent  RHD  policy  —  particu¬ 
larly  because  many  of  the  agencies 
buy  from  the  same  suppliers.  “Wfe 
believe  the  time  is  ripe  to  host  an 
inter-government  meeting  to  talk 
about  what  programs  everyone  is 
doing  and  try  to  get  us  all  in  sync; 
Estevez  says.  ■ 
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Today's  leading  enterprise  decision-makers  focus  on  one  event. 


Organizations  with  the  most  advanced  enterprise  networks  get  the 
information  they  need  at  SUPERCOMM.  Specifically,  more  than  400  of  the 
world's  largest  corporations,  federal  agencies,  state  and  local  governments, 
and  educational  institutions  send  enterprise  managers  to  SUPERCOMM. 
Representatives  from  these  companies  join 
thousands  of  senior  IT  executives  responsible  for 
major  corporate  and  government  networks. 

These  leaders  depend  on  SUPERCOMM  to  keep 
their  networks  up  to  date.  At  SUPERCOMM,  they 
can  examine  all  relevant  enterprise  technologies 


at  one  time  and  place.  In  addition,  Enterprise@SUPERCOMM  features  a 
FREE  educational  curriculum  with  expertise  gathered  from  around  the 
world.  Equally  important,  unlike  more  narrowly  defined  events,  SUPERCOMM 
also  offers  a  window  into  all  key  communication  technologies:  Broadband, 

Converged  Wireless  and  the  entire  Global 
Infrastructure.  Join  your  colleagues  who  are 
making  the  wise  choice  to  advance  their 
networks  while  economizing  on  resources. 
Take  advantage  of  FREE  registration  and 
surround  yourself  with  solutions. 


SUPERCOMM 


Explore  the  Whole  World  of  Communications 


June  20  -  24  2004  Exhibits  June  22  -  24  I  McCormick  Place  Chicago  IL  supercomm2004.com 


SUPERCOMM  6  a  registered  trademark  of  the  Telecommunications  Industry  Association  (TIA)  and  the  United  States  Telecom  Association  (USTA)  All  other  registered  trademarks  and  trademarks  are  property  of  their  respective  owners.  Company  names  appeared  m  the  attendee  data  from 
the  SUPERCOMM  2003  event  Use  of  company  names  in  this  advertisement  6  not  intended  to  convey  endorsement  of  the  company,  or  its  products  or  services  Companies  listed  in  the  advertisement  may  not  have  endorsed  SUPERCOMM 
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Together,  Lucent  Worldwide  Services  and  Bell  Labs  bring  you  unrivaled  networking  expertise  and  intelligent 
tools  to  help  make  your  network  more  secure.  With  our  Network  Survivability  Assessment  Service,  we  analyzed 
a  global  service  provider's  network  and  quickly  developed  a  security  scorecard  recommending  critical  network 
enhancements  across  eight  security  dimensions.  Then  we  showed  them  how  to  make  the  upgrades  without 
service  disruption.  See  how  we  can  make  your  network  more  productive,  more  reliable,  and  more  secure  than 
it  is  today  at  www.lucent.com/lws. 


Networks  that  work  smarter.  Networks  that  work  harder.™ 


Lucent  Technologies 

Bell  Labs  Innovations 
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Wireless  data  service  options  explode 

Wi-Fi,  EV-DO  and  other  offerings  provide  alternatives  to  wireline  services. 


■  BY  JIM  DUFFY 

In  a  few  short  years,  the  number  of 
wireless  connections  to  network  ser¬ 
vices  is  expected  to  eclipse  that  of  wire- 
line  connections. 

One  key  enabler  is  the  emergence  of 
new  wireless  data  services  intended  to 
provide  high-speed  access  to  corporate 
computing  resources  for  mobile  end 
users,  those  at 
remote  sites  and 
even  those  at  prima¬ 
ry  offices. 

“The  expectation  is 
that  [users]  have  broadband  connectivity 
wherever  they  go,”  says  Mark  Lowenstein, 
managing  director  of  wireless  consultan¬ 
cy  Mobile  Ecosystem. 

The  wide-area  cellular  network  will  be 
the  default  network  for  data  connectivity 
for  travelers,  Lowenstein  says.  Then  there 
will  be  pockets  of  more  compelling 
broadband  coverage,  such  as  Wi-Fi  or 
WiMax. 

Here’s  a  look  at  how  some  of  these  offer¬ 
ings  are  shaking  out. 


Wi-Fi  and  EV-DO 

Depending  on  whom  you  talk  to  or  what 
you  read,  Evolution-Data  Only  is  supposed 
to  kill  off  Wi-Fi  services,  Wi-Fi  is  supposed 
to  kill  off  EV-DO,  or  the  two  are  supposed 
to  coexist  in  harmony. 


■  Relatively  few  business  customers 
have  taken  advantage  of  wireless 
service  number  portability  since 

the  system  went  into  effect  in  late 
November,  according  to  a  survey 
conducted  in  February  by  In-Stat/ 
MDR.  About  5%  of  the  1,000  cell 
phone  users  surveyed  said  they 
changed  their  service  provider  since 
Nov.  24.  Of  those  who  switched, 
about  two-thirds  kept  their  phone 
numbers.  Another  7%  said  they  plan 
to  switch  providers  in  the  next  three 
months  and  at  least  half  plan  to  keep 
their  numbers  when  they  do. 


The  more  familiar  Wi-Fi  enables  1 1 M  to 
54M  bit/sec  wireless  access  within  300 
feet  of  an  access  point.  The  less  familiar 
EV-DO  is  a  3G  cellular  WAN  technology 
intended  to  turn  your  cell  phone  into  a 
powerful  data  transmission  tool.  It  sup¬ 
ports  speeds  of  up  to  2.4M  bit/sec,  far 
exceeding  previous  generation  cellular 
transmission  rates  of  144K  bit/sec. 

EV-DO  service  is  hard  to  find,  although 
some  big  service 
providers  are  starting 
to  roll  it  out.  Verizon, 
for  example,  has  two 
trials  —  one  in  San 
Diego,  the  other  in  Washington,  D.C.  — 
with  plans  to  expand  to  more  metropoli¬ 
tan  areas  later  this  year.  Monet  Mobile 
Networks,  a  small  operator,  launched  ser¬ 
vice  in  Duluth,  Minn.,  two  years  ago. 

Wi-Fi  hot  spots  are  more  plentiful,  but 
customer  acceptance  has  been  lukewarm 
because  of  pricing  and  coverage  issues, 
among  others.  Workers  accessing  the  ser¬ 
vice  at  hot  spots  in  coffee  houses  and  air¬ 
ports  have  been  charged  multiple  con¬ 
nection  fees  between  $6  and  $10  when 
moving  between  hot  spots.  Coverage  has 
been  spotty,  which  makes  signing  up  for 
monthly  service  with  one  provider  risky 
and  potentially  expensive. 

Such  issues  explain  why  some  users  are 
turning  to  their  cellular  providers, some  of 
which  have  EV-DO  networks.  Although 
data  rates  are  slower, service  is“free”under 
existing  cellular  contracts,  and  quality 
and  coverage  are  predictable. 

Nonetheless,  Wi-Fi  service  providers  see 
their  offerings  living  peacefully  alongside 
EV-DO. 

“Is  Wi-Fi  going  to  be  everywhere? 
Everywhere  where  it  makes  sense,  yes,” 
says  Dan  Lowden,  vice  president  of  mar¬ 
keting  for  Wayport,  which  provides  hot¬ 
spot  access  in  hotels  and  airports. 
“Customers  that  we  serve  are  always  look¬ 
ing  to  be  best  connected.  When  they’re  in 
a  hot  spot,  they’re  best  connected  to  Wi-Fi; 
when  they’re  not  in  a  hot  spot,  they’re  best 
connected  to  a  wide-area  network.” 

Lowden  says  Wayport  connects  350,000 
people  to  its  service  per  month  and  that 
the  number  is  growing  15%  to  20%  per 
month. 

Boingo  Wireless,  a  company  that  aggre¬ 
gates  hot  spots  to  facilitate  roaming,  says 
equipment  pricing  favors  Wi-Fi  over  EV- 
DO.  Many  mobile  devices  are  or  will  be 


Wi-Fi-enabled,  while  EV-DO  cards  for  lap¬ 
tops  or  PDAs  cost  between  $200  and  $300, 
says  Tamara  Steffens,  vice  president  of 
sales  at  Boingo. 

It’s  the  subscription  rate  that’s  turning 
users  away  from  Wi-Fi  as  operators  price 
services  high  to  recoup  their  capital 
investment  in  access  points  and  other 
equipment  to  Wi-Fi-enable  their  outlets, 
Steffens  says.  Lack  of  roaming  between 
networks  is  also  an  issue,  she  says. 

“We’re  going  to  have  to  convince  those 
hot-spot  operators  that  roaming  will  actu¬ 
ally  drive  transactions  and  that  volume  is 
really  where  the  entire  market  makes  it,” 
Steffens  says.“As  soon  as  that  subscription 
rate  for  Wi-Fi  service  comes  down  and  the 
concept  of  roaming  is  solved,  the  volume 
of  transactions  will  go  up  and  I  think 
you’ll  see  the  whole  model  fall  into  place.” 

Fixed  wireless 

One  market  that  hasn’t  made  it  so  far  is 
fixed  wireless,  which  is  intended  to  pro¬ 
vide  multimegabit  last-mile  services  less 
expensively  and  faster  than  comparable 
wireline  offerings  from  the  RBOCs. 
Companies  such  as  Teligent  and  Winstar 
Communications  tried  unsuccessfully  to 
sell  fixed  wireless  point-to-point  and  dedi¬ 
cated  Internet  access  services  to  busi¬ 
nesses  in  the  late  1990s  and  the  last  few 
years. 

But  XO  Communications  says  the  mar¬ 
ket  for  fixed  wireless  —  specifically  local 
multipoint  distribution  systems  —  has 
been  reinvigorated  now  that  the  technol¬ 
ogy  has  matured  and  IT  spending  has 
increased.  XO  says  it  is  the  largest  owner 
of  fixed  wireless  spectrum  in  the  27-GHz 
to  32-GHz  range  in  the  U.S.,  potentially 
making  fixed  wireless  available  from  XO 
in  the  top  30  U.S.  cities. 

Earlier  this  year,  XO  announced  trials  of 
the  service  in  Irvine,  Calif.,  and  San  Diego 
with  about  37  customers. 

The  XO  Fixed  Wireless  Access  service 
offers  users  5M,  10M  and  20M  bit/sec  local 
loop  pipes  for  Ethernet  or  Internet  ser¬ 
vice.  It’s  designed  to  bypass  the  traditional 
wireline-based  last-mile  services  offered 
by  the  RBOCs,  which  reduces  XO’s  access 
charges  —  savings  that  could  be  passed 
on  to  the  customer. 

The  service  also  can  be  provisioned  in 
days  vs.  weeks  or  months  with  RBOC  ser¬ 
vices,  XO  says.  Limitations  of  the  service, 
however, are  a  distance  of  3  to  5  miles  and 


a  line-of-sight  requirement. 

“You’re  not  going  to  go  out  and  blanket 
neighborhoods,  that’s  for  sure,”  says  Mark 
Salter,  vice  president  of  fixed  wireless  ser¬ 
vices  at  XO. “You’re  going  to  go  into  high- 
teledensity  areas  like  central  business  dis¬ 
tricts”  and  thickly  populated  suburbs,  he 
says. 

WiMax 

Those  high-teledensity  and  thickly  pop¬ 
ulated  suburban  areas  might  find  another 
fixed  wireless  offering  down  the  road. The 
emerging  IEEE  802.16a  WiMax  standard  is 
expected  to  make  its  commercial  debut 
in  mid-2005. 

WiMax  is  a  metropolitan-area  broad¬ 
band  wireless  technology  that  operates  in 
the  spectrum  below  1 1  GHz  and  supports 
data  rates  up  to  75M  bit/sec.  It  can  con¬ 
nect  users  up  to  30  miles  away. 

Covad  Communications  is  exploring  the 
possibility  of  conducting  WiMax  trials  late 
this  year  as  a  way  to  bridge  gaps  in  DSL 
coverage,  says  Ron  Marquardt,  technical 
director  of  strategic  development  at  the 
competitive  local  exchange  carrier 
(CLEC). 

“There  are  areas  where  we  can’t  serve 
customers  because  they’re  behind  fiber- 
fed  remote  terminals  that  we  don’t  have 
access  to,  and  there  are  other  areas  that 
are  far  enough  from  a  central  office  that 
DSL  can’t  provide  service  either,”  he  says. 

The  CLEC  chose  WiMax  for  its  non-line- 
of-sight  capabilities  and  promise  of  multi¬ 
vendor  interoperability,  Marquardt  says. 

WiMax  Forum  compliance  tests  are 
slated  for  the  first  quarter  of  2005,  and 
Covad  wants  to  have  a  WiMax  business 
plan  in  place  by  then,  he  says.  ■ 


More  online! 


Attend  Wireless  LANs:  Gaining  Strength,  Reaching 
Farther,  a  new  Network  World  Technology  Tour  event. 
It  brings  together  the  intelligence,  innovations  and 
solutions  you  need  to  move  forward. 
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Intelligent  or  stupid?  Dumb  question 


Awhile  back  I  was  asked  to  comment 
on  the”‘intelligent  network  vs.  stupid 
network”  debate.  Not  familiar  with  it? 
It  all  started  in  1997  with  the  publication  of 
a  paper  by  David  Isenberg,  then  an  AT&T 


researcher,  called  “Rise  of  the  Stupid 
Network.”  Isenberg  was  protesting  a  recent 
initiative  by  his  employer  to  market  “The 
Intelligent  Network." 

Isenberg  wrote,  “The  Intelligent  Network 


The  reason  the  world's  leading  companies 
rely  on  Equant  for  their  global  communications 


Your  business  communications  can't  be 
left  to  chance.  Fortunately,  there's  a 
provider  with  the  track  record  to  inspire 
your  confidence.  An  innovator  with  over  5  years 
experience  using  convergence-ready  MPLS 
technology  that  powers  business  solutions 
for  over  1100  companies.  A  provider  trusted 
by  the  world's  leading  companies. 

That  provider  is  Equant. 

Seamless.  And  that  trust  doesn't  stop  at 
any  border  -  because  Equant  is  everywhere. 
With  people  in  1 65  offices,  a  seamless  global 
network  that  covers  220  countries  and 
territories,  and  supported  locally  in  the  local 
language.  Our  customized  communication 
solutions  can  enable  your  key  business 
processes  wherever  you  want  to  do  business  - 
including  emerging  markets  like  India  and  China. 


See  Equant  at  Network  Wortd's 
'State  of  the  WAN L™aA  mi  Aprlt  29th. 


Stable.  What's  more,  you  can  trust  us 
to  deliver  real  results  for  business  critical  needs. 
Solid  financials  and  steady  growth,  on  both 
client  list  and  balance  sheet.  But  don't  take 
our  word  for  it;  analysts  have  praised  Equant's 
solutions  for  global  businesses  for  years. 

Demonstrating  business  value.  And  that's 
how  we'll  earn  your  trust  -  by  understanding 
your  business  before  talking  technology. 

Our  approach  is  consultative,  not  hard-sell; 
our  people  build  relationships  by  demonstrating 
business  value  with  the  more  than  80  proven 
Equant  products  and  solutions.  We'd  like 
to  start  proving  ourselves  to  you  today. 

Go  to  the  link  below  and  see  why  Equant 
is  worthy  of  your  trust. 

www.equant.com/usa 


^equant 


Creating  answers  together. 


was  a  telephone  company  attempt  to  engi¬ 
neer  vendor  independence,  more  auto¬ 
matic  operation  and  some  ‘intelligent’  new 
services  into  existing  network  architecture. 
However,  even  as  it  rolls  out  and  matures, 
the  Intelligent  Network  is  being  superseded 
by  a  Stupid  Network  [the  Internet]  ."It’s  a  fas¬ 
cinating  and  well-written  paper,  and  you 
can  find  pointers  to  it  at  www.isen.com, 
though  it’s  not  actually  posted  there. 

Rather  predictably,  this  did  not  go  over 
well  with  Isenberg’s  employer,  and  the  two 
subsequently  parted  ways.  But  the  idea 
caught  fire.  It  became  an  article  of  faith  that 
the  Internet  is  a  “stupid  network,”  character¬ 
ized  by  stupid  switches,  intelligent  end 
points  and  plentiful  bandwidth  —  and  that 
“stupid”  (the  Internet)  was  better  than 
“intelligent”  (the  public  switched  tele¬ 
phone  network). 

Seems  like  we’re  back  to  the  future  all 
over  again.  Another  large  network  com¬ 
pany  in  this  case  Cisco,  has  begun  pro¬ 
moting  the  concept  of  “intelligence  in  the 
network.”  (A  March  6  news  briefing  pur¬ 
ported  to  “examine  the  trend  for  more  . . . 
intelligence  to  be  delivered  over  the  net¬ 
work.”)  What’s  going  on?  Have  the  folks  at 
Cisco  lost  their  minds?  Don’t  they  know 
that  stupid  is  smart  and  intelligent 
is  dumb? 

Oh,  for  Pete’s  sake.  With  all  due  respect  to 
Isenberg,  the  debate  has  nothing  to  do  with 
intelligent  vs.  stupid,  and  everything  to  do 
with  carrier  hubris  and  inability  to  recog¬ 
nize  that  the  assumptions  on  which  it  had 
created  a  highly  profitable  business 
(scarce  bandwidth,  primarily  voice  traffic) 
no  longer  applied. 

Every  network  has  design  assumptions 
built  in.You  can’t  escape  it.  For  example,  the 
current  Internet  assumes  that  “end  stations" 
are  machines  and  not  users;  that  data  is 
sent  in  the  form  of  sessionless  packets;  and 
that  obtaining  the  correct  IP  address  for 
those  packets  is  a  function  that  occurs  in  a 
“higher  layer”  (specifically  via  DNS,  which 
is  very  far  from  a  “stupid”  function,  but 
indisputably  part  of  the  network). 

But  there  are  signs  these  assumptions  are 
a  tad  frayed  at  the  edges.  In  today’s  world  of 
multiple  access  technplogies  and  smart 
phones,  a  user  might  connect  to  the  ’Net  at 
multiple  points  simultaneously  (from  a  cell 
phone  and  a  laptop,  say),  which  can  do 
funky  things  to  routing  protocols.  We’ve  all 
noticed  the  uptake  in  interest  in  services 
such  as  VoIP  which  require  sessions. 

The  bottom  line  is  that  the  Internet 
already  contains  plenty  of  intelligence, 
such  as  routing, addressing  and  session-cre¬ 
ating.  It  will  need  to  contain  more  to  han¬ 
dle  next-generation  services.  And  that’s 
fine.  The  issue  isn’t  about  “intelligent"  vs. 
“stupid”  —  it’s  about  how  well  a  set  of 
design  principles  can  map  to  a  changing 
set  of  expectations  and  requirements. 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research ,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 
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SMTPi  authenticates  e-mail  senders 


HOW  IT  WORKS 


SMTPi 

SMTPi  is  a  three-part  framework  of  a  next-generation 
messaging  system  that  includes  identity,  reputation  and 
policy  components  for  enforcing  sender  accountability. 


Identity 


Reputation 


DNS  - 

Stores  records  for 
Microsoft’s  Caller  ID, 
Send  Policy  Framework 
andYahoo  Domain  Keys 


Sending  mail  server 


Mail 

client 


O  Mail  server  sends  an  e-mail  from  “jim@okcorp.com.” 

0  The  receiving  e-mail  server  establishes  the  true  identity  of  sender  using  an  SMTPi  identity  mechanism.  The  receiver 
might  discover  that  Jim  is  who  he  says  he  is  or  might  find  out  that  he  is  a  spammer. 

©  The  receiving  e-mail  server  evaluates  the  sender’s  reputation  based  on  a  number  of  factors,  such  as  mailing 
history,  to  assess  the  trustworthiness  of  the  sender  before  letting  the  message  pass  through  the  e-mail  gateway. 

O  Based  on  sender  identity  and  reputation,  the  receiving  e-mail  server  defines  appropriate  mail  policy  and  applies 
it  to  the  message. 

©  The  e-mail  server  sends  message  to  the  intended  recipient  or  deletes  it  as  spam  or  unwanted  mail. 


■  BY  AMBIKA  GADRE 

A  deluge  of  spam,  crippling  viruses 
and  e-mail  forgeries  such  as  “phish- 
ing"schemes  is  threatening  the  value 
of  electronic  messaging  as  a  critical 
communications  tool. The  root  cause 
of  these  problems  is  the  inherent 
anonymity  of  the  email  standard 
Simple  Mail  Transfer  Protocol. 

Because  the  protocol  was  designed 
20  years  ago,  when  spam  was  still 
only  a  canned  meat  and  viruses  only 
infected  humans,  it  is  all  too  easy  for 
an  illicit  sender  to  deliver  unsolicited 
or  hostile  mail  under  the  guise  of 
being  legitimate. 

SMTPi  is  an  initiative  for  a  next-gen¬ 
eration  e-mail  infrastructure.  It  has  a 
three-part  framework  that  includes 
the  essential  components  —  identity, 
reputation  and  policy  —  of  a  new, 
secure  messaging  system  built  on  top 
of  SMTP  The  “i”  stands  for  identity 
Migrating  to  an  identity  and  reputa¬ 
tion-based  mail  system  will  enforce 
sender  accountability  and  eliminate 
many  challenges  with  e-mail. 

Identity 

Accurately  establishing  a  senders  iden¬ 
tity  lets  e-mail  recipients  make  confident 
decisions  about  how  to  treat  incoming 
mail  based  on  a  sender’s  reputation.  By 
doing  so,  it  would  make  it  easier  to  leave 
spam  out  of  the  recipient’s  in-box. 

Building  a  universal  identity  mechanism 
for  e-mail  is  a  major  undertaking  and  will 
be  done  in  phases. 

Initial  server-level  identity  mechanisms 
rely  on  a  sender’s  IP  address.  An  IP  address 
is  verifiable  and  manageable,  and  is  nearly 


impossible  to  forge  because  it  is  estab¬ 
lished  via  TCP/IP  connection.  If  the  IP 
address  is  altered,  two-way  SMTP  conversa¬ 
tion  would  not  take  place  because  the 
return  packets  required  to  continue  the 
SMTP  conversation  could  not  be  routed  to 
the  actual  sending  IP  address. 

Over  the  next  few  years,  domain-level 
identity  will  be  deployed  using  standards 
such  as  Sender  Policy  Framework,  Caller-ID 
and  DomainKeys,  but  each  of  these 
approaches  has  trade-offs. 

The  best  solution, yet  the  least-developed, 
is  the  use  of  cryptographic  headers  that 
would  let  users  identify  themselves  at  mul¬ 


tiple  levels  —  as  individuals,  organizations 
and  corporations. 

Reputation 

A  sender’s  reputation  can  be  tracked  by 
monitoring  his  mailing  history.  A  sender 
reputation  service  tracks  a  range  of  mea¬ 
surable  parameters  such  as  volume  of  mail 
sent  globally  complaints,  country  of  origin, 
presence  of  an  open  proxy  or  relay  proper 
DNS  configuration  and  other  related  data. 
These  parameters  are  used  to  assess  a 
sender’s  reputation. 

Unlike  blacklists,  which  are  in  effect  a 
first-generation  reputation  services,  the  cur¬ 


rent  crop  of  second-generation  rep¬ 
utation  services  such  as  SenderBase 
provide  detailed  data  (a  reputation 
score  ranging  from  minus-10  to  plus- 
10)  that  lets  recipients  choose  their 
own  policies  and  thresholds. 
SenderBase  is  an  open  service  that 
system  administrators  and  open 
source  spam  filters  can  access  at  no 
charge. 

Policy 

After  authenticating  an  e-mail  sen¬ 
der  and  establishing  his  reputation, 
e-mail  receivers  need  a  way  to  apply 
appropriate  mail  policies  based  on 
that  knowledge. 

Today  most  mail  gateways  process 
all  incoming  mail  through  spam  fil¬ 
ters.  This  method  increases  infra¬ 
structure  costs  and  reduces  the 
effectiveness  of  catching  spam. 

An  effective  mail  policy  solution 
supports  variable  response  that’s 
based  on  the  quality  and  trustwor¬ 
thiness  of  the  mail  source.  Mail  from 
known  good  senders  can  be  routed 
around  spam  filters,  mail  from  known  bad 
senders  can  be  deleted,  and  mail  from  sus¬ 
picious  senders  can  be  throttled  and  sent 
through  highly  sensitive  spam  filters. 

As  SMTPi  continues  to  propagate, 
receivers  of  e-mail  will  apply  stricter  limits 
on  mail  originating  from  a  source  that  does 
not  have  an  identity  and  a  reputation. This 
migration  toward  an  identity-  and  reputa¬ 
tion-based  e-mail  system  will  make  e-mail 
safer  and  more  reliable. 

Gadre  is  director  of  product  marketing  for 
IS  at  IronPort  Systems.  She  can  be  reached  at 
agadre@ironport.  com. 


Dr.  Internet 


By  Steve  Blass 


We  use  Nortel's  Contivity  VPN  Client  (v04_65.09) 
to  connect  to  Company  A.  We  have  to  connect  to 
Company  B  using  another  version  of  the  VPN 
client  (V02_62.33).  Can  we  maintain  both  connec¬ 
tions  to  both  companies  using  one  PCP  Is  it  possi¬ 
ble  to  use  just  one  version  of  the  VPN  client  to 
establish  connections  to  both  companies? 

Maintaining  both  VPN  connections  simultaneously 
might  not  be  possible,  but  you  should  be  able  to 


connect  to  either  site  using  the  newer  version  of 
the  Contivity  client  if  Company  B’s  extranet  access 
switch  is  using  IP  Security  and  ISAKMP/Oakley 
Key  Exchange  protocol  (which  v04_65.09  expects). 
If  Company  B's  extranet  access  switch  has  been 
kept  up  to  date  and  patched  to  support  the  latest 
IPSec  key  exchange  standards,  then  you  can  con¬ 
nect  to  the  site  using  the  newer  client  software 
simply  by  creating  a  new  connection.  If  Company 
B's  switch  runs  software  older  than  Version  3.50 


and  still  uses  single  Data  Encryption  Standard  in 
IPSec  IKE  Phase  1,  you  might  be  forced  to  install 
and  use  the  earlier  version  of  the  Contivity  client  to 
connect  to  the  site,  because  some  older  switches 
were  not  upgradeable  and  do  not  support  the 
newer  IPSec  implementation. 

Blass  is  a  network  architect  at  Change@Work  in 
Houston.  He  can  be  reached  at  dr.  internet 
@changeatwork.  com. 
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Making  Outlook  work  for  us,  Part 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Last  week  at  the  start  of  our  quest  to 
make  Microsoft  Outlook  do  what  we 
want  —  that  is,  launch  an  application 
when  an  appointment  or  task  item 
reminder  occurs  —  we  first  had  to  stop 
Outlook  from  having  a  cow  every  time  we 
started  it  with  macros  (aka  scripts) 
installed.  Thus  we  went  down  the 
labyrinthine  path  to  create  self-signed  cer¬ 
tificates  that  let  Outlook  turn  a  blind  eye 
to  our  code. 

It  appears  that  some  of  you  have  benefit¬ 
ed  from  our  expiation  of  this  particular  bit 
of  Microsoft  arcana.  Reader  Bruce  Whit¬ 
lock  wrote:  “The  column  on  Outlook  was 
timely,  encompassing  and,  most  important 
to  me,  accurate.” We  aim  to  please. 

This  week  we’ll  show  you  how  to  launch 
an  application  from  an  Outlook  reminder. 

First,  in  the  Outlook  menu  go  to  Tools  I 
Macro  I  Visual  Basic  Editor,  or  simply  press 
Alt  +  FI  1  and  you  will  find  yourself  in  the 
VBA  Editor.  In  the  left  pane  you  will  see  a 
hierarchy  starting  with  Project  1  (Vba- 
Project.OTM),  under  which  you  will  see 
(when  you  expand  the  branches)  Micro¬ 


soft  Office  Outlook  Objects  and  under  that 
ThisOutlookSession.  The  right  pane  now 
will  list  the  various  subroutines  and  func¬ 
tions  you  have  defined  by  loading  macros 
and  extensions  under  Outlook.  Put  the  fol¬ 
lowing  code  in  that  pane: 

Private  Sub  Application_Reminder(ByVal 
Item  As  Object) 

If  (TypeOf  Item  Is  Appointmentltem) 
And  _ 

(Item.Categories  =“AppRun”)  Then  _ 
Call  RunApp(ltem) 

End  Sub 

Public  Function  RunApp(ByVal  Item  As 
Appointmentltem) 

Dim  WSHShell 
Item.ReminderSet  =  False 
Item.Close  (False)  ‘close  reminder 
popup 

Set  WSHShell  =  CreateObject 

(“wscript.Shell”) 

WSHShell. Run  Trim(Item. Body),  1,  False 
Set  WSHShell  =  Nothing 

End  Function 

The  first  line  sets  up  an  event  handler  for 
Outlook  reminders.  When  a  task  or  an 
appointment  triggers  a  reminder,  the  han¬ 
dler  subroutine  named 

Application_Reminder  will  be  called. 

The  calling  routine  —  Outlook  itself  — 
will  pass  the  handler  an  object  so  we  first 
must  test  the  object  to  see  if  it  is  an 
Appointmentltem.  The  alternatives  are 


Mailltem.Meetingltem  orTaskltem.and  we 
could  choose  to  launch  applications  from 
any  of  these.Taskltems  would  be  a  sensible 
alternative  as  well  as  or  instead  of 
Appointmentltems. 

Once  we  know  the  object  is  an 
Appointmentltem  we  can  test  its 
Categories  attribute  value  to  see  if  that 
equals  AppRun  (you  could  look  for  any 
category  or  categories  you  like  —  nothing 
restricts  you  to  just  one). If  the  value  is  what 
were  looking  for, we  now  call  the  function 
RunApp. 

RunApp  first  clears  the  ReminderSet 
property  of  the  item  and  then  executes  the 
close  method,  which  updates  the  objects 
properties.  This  should  suppress  the 
reminder  alert  dialog  if  you  have  enabled 
it,  but  the  dialog  seems  to  get  called  any¬ 
way  (although  the  reminder  we  just  can¬ 
celled  does  not  appear)  .This  is  very  annoy¬ 
ing.  If  you  know  how  to  prevent  this,  please 
let  us  know. 

Next  we  call  the  Windows  Script  Host  to 
access  a  native  Windows  shell.  This  shell 
lets  us  run  a  program  locally  manipulate 
the  contents  of  the  registry  create  a  short¬ 
cut  or  access  a  system  folder.  We  are  going 
to  run  a  program. 

The  trim  function  strips  leading  and  trail¬ 
ing  spaces  from  the  string  that  we  extract 
from  the  object’s“body” —  that’s  the  option¬ 
al  descriptive  text,  which  is  another  proper- 


II 

ty  of  the  object.  We  then  pass  this  string  to 
the  shell  instructing  the  shell  to  execute  it. 
The  next  argument,  “1,”  specifies  that  the 
window  should  be  activated  and  displayed 
(if  the  window  is  minimized  or  maximized, 
the  system  restores  it  to  its  original  size  and 
position).The  final  argument,“False,”  causes 
control  to  immediately  return  to  our  script 
ignoring  any  error  code  from  the  shell  (in 
other  words,  if  the  program  doesn’t  exist  or 
something  else  goes  wrong  our  script  does¬ 
n’t  care). 

When  the  reminder  actually  occurs  will 
depend  on  how  far  in  advance  of  the 
event  we  set  it.  But  don’t  assume  that  the 
application  will  be  launched  exactly  on 
the  minute  that  you  specify  —  on  our  test 
system  the  reminder  usually  triggered 
about  40  seconds  after  the  target  time  was 
reached  —  an  odd  behavior  that  is 
because  of  the  internal  architecture  of 
Outlook. 

If  you  need  accurate  launching  of  an 
application  you  might  want  to  ensure  that 
the  reminder  occurs  a  few  minutes  before 
the  desired  start  time  and  hand  the  details 
of  the  program  to  be  executed  to  an  exter¬ 
nal  application  along  with  the  start  date 
and  time  (which  would  be  referenced  in 
our  example  as  Item.Start). 

Is  that  it?  Nope.  There's  more  next  week. 
Remind  us  at  gearhead@gibbs.com. 


Cool 


Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


A  few  more  small-device  gems 


Like  last  week,  we  found  a  few 
more  small  devices  hiding  in 
our  offices.  They  might 
look  small,  but  they  can  be  big 
in  saving  you  time  or  frustra¬ 
tion  while  on  the  road. 

The  scoop:  USB  six-in-one 
portable  card  reader  from  Sinbon 
Electronics,  about  $20 

What  it  does:  Connects  via  USB  2.0  (or  1.1) 

ports  on  a  notebook  or  desktop  e.  .  ,  .  . 

,  .  .  ,  F  Sinbon  s  six-in-one  USB 

PC  and  lets  users  convert  data  card  reader  lets  you  con 

from  six  memory  card  formats  vert  data  from  a  variety 

(Compact  Flash,  IBM  Microdrive,  of  memory  card  formats, 
SmartMeida,  Secure  Digital,  Mem¬ 
ory  Stick/Memory  Stick  Pro  and  MultiMedia  Card)  onto 
the  computer. Truly  plug-and-play,  the  device  connects  in  a 
matter  of  seconds,  with  lights  that  indicate  when  the 
card  is  inserted  correctly 

Why  it’s  cool:  Very  portable,  it  can  fit  easily  into  a  lap¬ 
top  bag.  For  noteoks  or  desktops  that  don’t  have 
media  card  readers  embedded  in  them  yet,  this  is  an 
easy  and  affordable  way  to  provide  conversion.  The 
device  also  lets  you  use  the  four  slots  at  the  same  time.You 
can  attach  a  Secure  Digital  and  a  Compact  Flash  card  in 


the  device  at  the  same  time,  then  convert  between 
the  two,  for  example. 

Grade:  irkirki  (out  of  five) 

The  scoop:  eToken  Web  Sign 
On  from  Aladdin  Knowledge 
Systems,  about  $772  for  10  tok¬ 
ens  and  a  10-user  software 
license. 

What  it  does:  Stores  all  of  your 
usernames  and  passwords  for  Web- 
based  applications,  and  email  password 
and  VPN  access,  onto  a  USB  token  instead  of 
the  h.  rd  drive  of  your  computer.  If  you  have  a 
hard  time  remembering  all  of  your  e-commerce 
passwords,  this  can  be  a  good  way  to  remember  them, 
while  being  more  secure  in  case  you  lose  the  laptop. 
After  you  save  your  username/password 
profile  to  the  eToken,  the  system 
“auto  fills”the  informa¬ 
tion  from  the 


token  the  next  time  you  access  that  Web  application. This 
way  you  can  avoid  having  the  cookies  sit  on  your  system 
and  still  have  access  to  the  passwords  that  you  need. 

Why  it’s  cool:  Anything  that  helps  us  remember  account 
names  and  passwords,  and  still  secures  them,  is  OK  in 
our  book. 

Grade:  icfcki 

The  scoop:  Veo  Photo  Traveler  130S  from  Veo,  about  $100. 

What  it  does:  The  device  attaches  via  Secure  Digital  I/O 
slot  on  a  Pocket  PC  and  gives  the  user  a  1 .3-megapixel  cam- 
era.The  device  is  very  mobile  and  can  be  an  alternative  to 
finding  a  PDA  that  comes  with  an  embedded  camera  or 
using  a  VGA-style  camera  phone. The  device  also  lets  you 
record  short  movies,  complete  with  audio,  a  self-timer  (in 
case  you  want  to  get  into  the  photo), and  up  to  4x 
in  digital  zoom. 

Why  it’s  cool:  For  Pocket  PC  users,  this  is  an 
additional  accessory  that  can  enhance  the  usage 
of  their  PDA,  especially  in  situations  where  car¬ 
rying  an  additional  digital  camera  is  too  dif¬ 
ficult.  The  device  is  easy  to  attach  and  the 
software  easy  to  use  to  take  quick  pho¬ 
tos.  If  you  are  looking  for  photos  to  e-mail  or 
to  attach  to  a  Web  site,  the  megapixel  quality  is 
good  enough. The  device  has  a  swivel  lens  to  let  you 

take  photos  of  yourself,  or  swing  it  around  and  take  photos 
while  using  the  PDAs  view  screen  as  a  display. 

Grade: 


e-Token  stores  all 
your  Web  sign-ons. 


Shaw,  who  is  senior  editor  of  product  reviews,  can  be 
reached  at  kshaw@nww.com. 


“  I  WISH  TO  AVAIL  MYSELF  TO  ALL  THAT  IS  ALREADY  KNOWN...”  Wilbur  Wright  once 
wrote  requesting  information  from  the  Smithsonian  about  flight.  100  years  ago  two 
bicycle  mechanics  leveraged  that  basic  knowledge  and  combined  it  with  their  own 
expertise  to  launch  propelled  flight. 

Propel  the  profit  velocity  of  your  business  to  new  heights  by  accessing  EMA’s 
ever-expanding  knowledge  repository.  Our  industry  leading  analysts  collect  timely 
market  data  that  strengthens  our  clients’  competitive  advantage.  Do  you  want  to 
know  how  your  products  really  compare  to  the  competition  in  the  eyes  of  your 
customers? 

EMA  can  empower  you  with  the  knowledge  that  will  propel  your  upward  flight 
in  deriving  business  value  from  technology  resources. 

Please  visit  us  at  www.emausa.com 
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ON  TECHNOLOGY 

John  Dix 

When  silence 

speaks 

volumes 


In  the  publishing  business  there  is  no  end  to  vendors 
banging  on  the  door  looking  for  exposure.They  are 
dying  for  the  attention  of  you,  the  buyer,  and  will  go 
to  great  lengths  to  try  to  make  their  voices  heard. 

Besides  their  public  relations  machines  that  pump  out 
press  releases  and  user  case  studies,  they  come  at  us 
with  all  sorts  of  ideas,  offering  to  write  everything  from 
opinion  pieces  to  technology  primers. 

Curious,  then,  when  we  offered  two  vendors  the  oppor¬ 
tunity  to  write  a  story  that  would  appear  prominently  in 
Network  World  —  in  their  own  words  —  about  issues 
identified  by  members  of  the  Network  World  Lab 
Alliance,  both  chose  instead  to  stick  their  heads  in  the 
sand. 

In  our  first  Testers  Challenge  on  Nov.  17  (www.nwfu 
sion.com,  DocFinder:  1632),  we  called  on  vendors  to 
stop  shipping  products  that  support,  out  of  the  box, 
access  and  management  protocols  that  aren’t  secure, 
such  as  earlier  versions  of  Secure  Shell,  SNMP  and 
HTTP 

We  challenged  Cisco  to  set  an  example  for  the  industry 
by  changing  the  practice,  offering  it  800  words  to 
respond  any  way  it  saw  fit  —  to  debunk  our  claim,  justify 
its  practice  or  even  talk  about  how  it  would  address  the 
issue  in  the  future. 

Remarkably,  the  company  refused.  Rather  than  tell  you, 
the  buyer,  what  it  makes  of  an  issue  that  independent 
testers  of  its  products  have  identified  as  a  problem,  it 
chose  instead  to  remain  mum,  presumably  in  the  hope 
that  this  would  create  less  of  a  ripple. The  only  response 
we  got  was  a  product  manager  calling  to  share  a  few 
thoughts  for  a  follow-up  story. 

Microsoft  assumed  the  same  self-defensive  posture 
when  we  challenged  the  company  in  our  next  Testers 
Challenge  in  March  to  simplify  and  streamline  the 
process  of  patch  management  (DocFinder:  1633). 

Instead  of  using  the  offered  space  to  talk  directly  to 
buyers  about  the  issue,  a  Microsoft  security  program 
manager  called  to  say  he  wasn’t  hearing  the  same  con¬ 
cerns.  We  have  no  way  of  knowing  if  that  is  true,  but 
given  the  widely  acknowledged  security  problems 
Microsoft  has,  wouldn’t  you  think  it  would  relish  any 
opportunity  to  lay  out  its  vision?  The  refusal  to  step  to 
the  plate  only  serves  to  exacerbate  the  situation,  leaving 
the  impression  the  company  is  so  guilty  it  can’t  even 
look  the  buyer  in  the  eye. 

Moreover,  it  does  you  a  disservice.  Instead  of  meaning¬ 
ful  information  you  can  use,  it  leaves  you  second-guess¬ 
ing  the  players.You  deserve  better. 

—  John  Dix 
Editor  in  chief 
jdix@nww.com 
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Spam  free 

Mark  Gibbs’  Backspin  column  “The  charge  is  in  the 
e-mail”  (www.nwfusion.com,  DocFinder:  1624)  pre¬ 
sents  the  most  persuasive  arguments  I’ve  heard  on 
this  discussion. 

My  company  has  been  100%  spam  free  for  about 
two  years  (despite  the  97.5%  rate  of  spam  hitting  our 
front  door),  and  it  doesn’t  require  any  changes  to 
SMTP  or  DNS,  or  use  questionable  IP  block  lists.  We 
can  do  it  our  own  way  without  imposing  any 
changes  to  the  way  e-mail  now  works.  If  others  can’t 
do  the  same,  then  they  are  doing  it  the  wrong  way 

Roger  Walker 
Director 
Mercmail 
Edmonton,  Alberta,  Canada 

The  other  side 

I’m  wholeheartedly  against  spam,  but  1  am  now 
seeing  the  other  side  of  the  coin.  I  am  in  youth  min¬ 
istry  and  we  have  about  200  students’  e-mail 
addresses  in  our  address  book.  We  have  been  send¬ 
ing  weekly  e-mail  to  them  for  about  three  years, 
with  40  or  fewer  addresses  in  each  folder.  Suddenly 
in  the  last  few  weeks,  nearly  all  of  our  Yahoo,  Hot¬ 
mail  and  some  MSN  addresses  are  getting  bounced 
back. 

We  are  not  advertising  or  selling  any  products;  it’s 
just  a  weekly  update  on  upcoming  events,  birth¬ 
days  and  so  forth.  I  think  we  have  been  incorrectly 
labeled  as  spam  senders.  Any  advice  (to  fivepines 
@fivepines.org)  would  be  greatly  appreciated. 

Mike  Emerson 
Youth  ministry  coordinator 
Five  Pines  Ministries 
Berrien  Center,  Mich. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 1 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Windows  regulation 

Regarding  Mark  Gibbs’  Backspin  column  “Night¬ 
mare  or  regulation,  your  choice”  (DocFinder:  1625): 
I  agree  that  regulation  of  Windows  would  help  en¬ 
sure  a  more  secure  product.  What  worries  me  is  that 
Microsoft  has  the  opportunity  to  embed  whatever  it 
wants  in  every  machine  that  downloads  a  “security 
patch.”  No,  I’m  not  paranoid  (much),  but  Gibbs  is 
right  that  anybody,  including  Microsoft,  has  the  capa¬ 
bility  to  install  code  in  every  Windows  box  that  con¬ 
nects  to  the  ’Net  and  those  that  don’t  (by  any  soft¬ 
ware  additions). 

1  wonder,  with  all  of  Microsoft’s  resources  and  the 
outrageous  prices  it  charges  for  its  software,  why  we 
are  not  sold  a  reliable  product.  The  joke  about  GM 
building  cars  like  Microsoft  builds  operating  systems 
is  true  —  any  other  manufacturing  operation  would 
be  laughed  out  of  business  (unless  they  had  a 
monopoly  of  course). 

Bill  Roberts 
Hanover,  Md. 

No  economies  of  scale 

Regarding  Ken  Presti’s  column  “Wrangling  over  ser¬ 
vices  revenue”  (DocFinder:  1626):  Certainly  there  is 
growing  competition  between  vendors  and  their 
channel  partners  over  professional  services  rev¬ 
enue.  But  to  say  “a  strong  vendor  presence  in  the 
local  services  market  can  reduce  competition  as  a 
result  of  the  vendor’s  economies  of  scale”  is  absurd. 
There  is  no  such  thing  as  economies  of  scale  in  pro¬ 
fessional  services  or  in  services  in  general. 

The  heart  of  the  issue  is  account  control  and  divi¬ 
sion  of  labor  between  a  vendor  and  a  partner.  The 
latter  issue  affects  service  revenue/margin  splits. 

Sid  Hanna  Saleh 

Editor  and  publisher, Services  Revenue  Newsletter 
Center  for  Services  Marketing 
Golden,  Colo. 


More  online!  www.nwfusion.com  Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  1623 
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PACKET  EVANGELIST 

Steven 

In  the  words  of  baseball  legend  Yogi  Berra, 
“It’s  deja  vu  all  over  again.”  For  years  we’ve 
struggled  with  the  organizational  side  of 
convergence  for  voice  and  data.  We’ve  also 
struggled  with  the  LAN  folks  vs.  the  WAN  folks. 
Now  we  have  another  area  of  networking 
where  the  technological  innovation  has  ad¬ 
vanced  beyond  most  companies’ organizational  charts.  This  time  the 
issue  is  integrating  the  applications  people  with  the  network  people 
when  considering  Layer  4  to  Layer  7  traffic  management. 

Layer  4  to  Layer  7  traffic  management  is  quickly  coming  to  the  fore¬ 
front  as  a  major  issue  for  most  companies  over  the  next  couple  of 
years.  The  idea  is  great:  Rather  than  simply  providing  a  network  con¬ 
sisting  of  Layer  1  bit  pipes  or  using  slightly  more  intelligent  packet- 
based  architectures,  the  network  should  be  aware  of  the  actual  appli¬ 
cation  content.  Consequently  performance  can  be  enhanced  and  net¬ 
work  costs  can  be  minimized. 

In  reality,  the  entire  Layer  4  to  Layer  7  traffic  management  area  repre¬ 
sents  the  convergence  of  multiple  prior-generation  point  products  into 
one  product.  In  one  of  the  more  basic  manifestations  where  only  two 
network  products  are  involved,  combining  compression  and  traffic 
shaping  based  on  IP  parameters  enhances  throughput, compared  with 
applying  compression  and  traffic  shaping  separately 
At  the  same  time,  the  next  generation  of  Layer  4  to  Layer  7  products, 
sometimes  called  application  front-end  processors,  are  reaching  into 
the  data  center.  These  products  combine  historical  application  point 
solutions  with  network  point  solutions.  Features  such  as  server  load  bal¬ 
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ancing  and  Secure  Sockets  Layer  acceleration  are  combined  in  one 
appliance  with  compression  and  traffic  shaping.  Other  appliances  pro¬ 
vide  insight  into  WAN  performance  by  looking  at  performance  charac¬ 
teristics  from  within  the  LAN. 

The  ultimate  success  of  implementing  these  products  depends  pri¬ 
marily  on  the  organizational  convergence  to  support  them.  After  all, 
Layer  4  to  Layer  7  traffic  management  can  be  implemented  only  if  the 
network  people  and  applications  people  talk  to  one  another. 

In  a  recent  survey  at  Webtorials,  a  site  for  planners  of  next-generation 
networks,  we  asked  more  than  400  respondents  worldwide  to  indicate 
the  level  of  convergence  between  the  personnel  responsible  for  appli¬ 
cations  and  those  responsible  for  the  network  infrastructure  within 
their  organizations.  Less  than  one-third  of  the  respondents  indicated 
that  the  network  folks  and  applications  folks  were  part  of  one  inte¬ 
grated  organization.  Only  one-fourth  indicated  that  they  had  significant 
cross-training,  even  though  they  were  in  functionally  separate  organi¬ 
zations.  Just  less  than  one-third  of  the  respondents  indicated  they  had 
functionally  separate  organizations,  with  the  convergence  occurring 
only  at  the  CIO  level.And  a  significant  percentage  —  12%  —  had  totally 
separate  organizations. 

The  benefits  of  Layer  4  to  Layer  7  applications  management  are 
tremendous.  But  to  take  full  advantage  of  these  capabilities,  make  sure 
your  organization  is  converging  along  with  the  technology 


Make  sure  your 
organization  is 
converging 
along  with  the 
technology. 


Taylor  is  president  of  Distributed  Networking  Associates  and  edi¬ 
tor/publisher  of  Webtorials.com.  He  can  be  reached  at  taylor@ 
webtorials.com. 


REALITY  CHECK 

Thomas  Nolle 


tou’re  eating  dinner  after  a  hard  day’s 
work,  and  the  phone  rings.  It’s  a  telemar- 
keter.“Hey  I’m  on  the ‘Do  Not  Call’  list, so 
stop  calling  me,”  you  say.  He  laughs  and  keeps 
calling,  every  10  minutes,  day  and  night,  forev¬ 
ermore.  Sound  like  a  nightmare?  Maybe  not. 

What  keeps  telemarketers  from  calling  day 
and  night?  It’s  not  just  that  there  are  laws  against  it;  it’s  that  the  telemar¬ 
keters  can  be  identified  and  made  subject  to  those  laws.  Suppose  tele¬ 
marketing  invaded  the  VoIP  world,  creating  “vam”  instead  of  spam? 
What’s  to  stop  a  telemarketer  using  VoIP  from  spoofing  a  calling  address 
the  same  way  spammers  spoof  email  addresses?  Why  couldn’t  a  big 
server  in  some  offshore  haven  generate  zillions  of  Session  Initiation 
Protocol  (SIP)  calls  with  these  spoofed  addresses? 

What  kind  of  VoIP  we  get  is  likely  to  depend  on  how  pushy  we  are 
about  the  problems  of  vamming.The  time  has  come  to  recognize  that 
Internet  freedom  means  letting  people  protect  themselves  and  to  look 
more  closely  at  VoIP  service  technology 
The  standard  for  VoIP  SIP  establishes  an  open  model  where  users 
have  IP  phones  linked  to  the  permissive  Internet  infrastructure.  In  theo¬ 
ry,  anyone  who  can  locate  such  a  phone  via  scanning  can  call  it,  and 
with  the  cost  of  an  Internet  call  near  zero,  this  model  invites  vamming 
as  soon  as  the  community  of  open  VoIP  users  gets  large  enough  to 
exploit.  Fortunately,  this  isn’t  a  popular  model  among  VoIP  providers. 

What  is  popular  is  a  closed  model,  some  version  of  which  nearly 
every  VoIP  provider  uses  today  Under  it,  users  have  IP  phones  that  are 
in  some  way  isolated  from  the  open  and  uncontrolled  Internet  com¬ 
munity.  Some  providers, such  as  Skype,are  partitioning  through  the  use 
of  proprietary  protocols  and  encryption;  others,  such  as  Verizon,  are 
looking  at  doing  VoIP  over  a  true  VPN.  Either  of  these  approaches  would 
limit  access  to  VoIP  customers  by  outsiders,  including  telemarketers. 

In  a  closed  model,  users  can  be  authenticated,  which  makes  enforc¬ 
ing  civil  or  criminal  penalties  possible.  In  theory  VoIP  users  in  these 
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closed  systems  could  demand  that  their  carriers  filter  out  calls  from 
sources  not  subject  to  U.S.  telemarketing  laws.  If  all  members  of  a  VoIP 
community  are  identified,  and  called  parties  can  refuse  calls  that  are 
not  subject  to  prevailing  telemarketing  or  other  consumer  legislation,  it 
would  work  like  the  public  switched  telephone  network. 

The  devil  might  be  in  the  details  of  how  this  would  be  done.  SIP  has 
mechanisms  for  trust  and  authentication,  but  there  is  still  a  question  of 
how  multiple  VoIP  carriers  would  exchange  the  trust  information  on 
their  members  and  whether  you  can  trust  someone  else’s  customers.  A 
maverick  VoIP  carrier  might  become  a  leak  through  which  vammers 
can  enter.  A  vammer  might  set  up  someone  as  a  kind  of  Trojan  horse, 
entering  a  closed  VoIP  community  and  vamming  for  a  few  days,  then 
disappearing.  It’s  like  a  spammer  adopting  a  temporary  e-mail  account. 

Right  now,  we’ve  got  an  IP  voice  model  that’s  not  successful  enough 
to  be  targeted,  but  that’s  going  to  change.  Carriers  should  be  expected 
to  present  not  only  an  inexpensive  and  reliable  form  ofVoiPbut  also 
one  that  can  protect  consumers  from  vam.  For  VoIP  to  work,  we  need 
strong  authentication  of  user  identity  and  location,  and  a  reliable  way 
of  exchanging  identity  trust  between  carriers.  We’ll  also  need  technol¬ 
ogy  to  detect  abuse  and  quickly  shut  it  down. 

We’ve  messed  up  e-mail  by  letting  the  problem  of  spam  get  ahead  of 
our  ability  to  deal  with  it. We  can’t  afford  to  do  the  same  thing  with  VoIP 
We  need  VoIP  carriers  to  address  three  essential  issues:  how  they  will 
authenticate  their  customers’  identities;  how  they  will  let  customers  bar 
calls  that  can’t  be  made  subject  to  telemarketing  enforcement;  and 
how  they  will  exchange  identity  information  reliably  when  the  caller 
and  called  parties  are  on  different  networks. 

Voice  calling  is  essential  in  today’s  market.  Uncontrollable  calling  is 
intolerable,  and  a  few  good  vam  horror  stories  will  stop  VoIP  progress  in 
its  tracks. 


Suppose  telemar¬ 
keting  invaded 
the  VoIP  world, 
creating  ‘vam’ 
instead  of  spam? 


Nolle  is  president  of  CIMI,  a  technology  assessment  firm  in  Voorhees, 
N.J.  He  can  be  reached  at  (856)  753-0004  or  tnolle@cimicorp.com. 
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FEW  NETWORKING  PROFESSIONALS  GO  A  WEEK  WITHOUT  HEARING 

complaints  about  the  slow  speeds  they're  getting  at  the  remote  office.  The  natural 
response:  Upgrade  bandwidth.  But  with  more  conservative  IT  budgets  and  no 
guarantees  that  the  faster  link  will  support  applications  and  staff  for  the  next  six 
months,  much  less  the  next  year,  throwing  bandwidth  at  network  problems  isn't 
always  the  best  fix. 

As  corporate  networks  become  larger  and  faster,  ensuring  that  they're  smart 
and  efficient  has  become  a  huge  challenge.  Networks  and  the  demands  placed 
upon  them  are  ever-changing.  It  never  fails:  The  moment  a  network  manager 
thinks  he  or  she  has  everything  running  efficiently,  change  ensues — whether  a 
new  application  or  an  increase  in  the  number  of  employees. 

Rather  than  pounding  their  heads  in  frustration,  network  and  IT  managers 
should  take  note  of  some  emerging  options  available  to  simplify  the  WAN  design 
and  operation.  One  of  the  growing  areas  of  interest  to  IT  executives  is  network- 
optimization  products  and  services,  which  can  help  IT  staffs  retool  their  network 
infrastructures,  predict  potential  problems,  and  better  plan  for  the  future. 


First,  it's  important  to  understand  what's  driving  this  insatiable  demand  for 
bandwidth.  An  overwhelming  number  of  employees — 87%  to  be  exact,  according 
to  Nemertes'  research — work  at  locations  other  than  a  headquarters  building  or 
corporate  campus.  Perhaps  it's  a  large  regional  facility,  a  warehouse,  a  small 
sales  office,  a  retail  store,  or  even  a  home  office.  The  bottom  line  is  that  they  rely 
heavily  on  a  wide-area  network  to  access  the  applications  that  let  them  do  their 
jobs.  Furthermore,  two-thirds  of  IT  executives  say  they  expect  their  companies 
will  hire  even  more  remote  workers  moving  forward.  Rather  than  expanding 
office  space  in  often — expensive  headquarter  cities,  companies  are  extending 
their  virtual  boundaries  and  paying  "rent"  to  carriers  for  circuits  rather  than  land¬ 
lords  for  physical  space. 

That's  not  the  only  major  trend  underway.  Most  organizations  are  seeing  their 
bandwidth  requirements  skyrocket-often  reporting  growth  in  the  triple  digits. 
Accounting  for  that  growth  is  the  fact  that  companies  are  increasingly  "pushing" 
applications  out  to  the  remote  workforce,  as  well  as  adding  new  applications — 
such  as  IP  telephony  and  Web  services — that  consume  additional  bandwidth.  That 
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means  applications  that  once  were  restricted  to  (and 
indeed  only  needed  in)  the  LAN  must  be  extended 
nationwide  and  often  globally,  affecting  everything 
from  security  policy  to  disaster  recovery  to  switching 
fabrics.  New  applications  have  arisen  that  are  now 
"mission-critical."  And  a  demanding  workforce  won't 
tolerate  slow  response  times.  What  this  trend 
indicates  from  an  infrastructure  perspective  is  a  need 
for  more  bandwidth. 

Or  does  it?  For  years,  companies  have  thrown 
bandwidth  at  network  performance  problems.  But 
network  optimization  products  and  services  rely  on 
technologies  such  as  compression,  caching,  route 
optimization,  and  quality  of  service  to  reduce  the 
amount  of  bandwidth  that  applications  consume. 

Because  the  ROI  typically  is  a  compelling  three 
months  to  12  months  (for  circuits  at  T1  and  below), 
network  optimization  is  gaining  traction  among 
organizations.  On  average,  the  first-year  costs  for 
bandwidth  optimization  on  a  128  kbps  circuit  are 
$4,108  (73%  of  remote  office  circuits  are  256  kbps 
and  slower;  25%  of  regional  office  circuits  are  256 
kbps  and  slower).  Upgrading  that  circuit  can  yield 
annual  cost  increases  ranging  from  $3,600  to 
$12,000,  the  higher  prices  on  international  circuits. 
(See  "Total  Bandwidth  Optimization  Costs"  below). 


Total  Bandwidth  Optimization  Costs  -  Year  1 

item 

128K 

T1 

Device 

$2,590 

$9,606 

Installation 

$1,000 

$1,000 

Total  One-time 

$3,590 

$10,606 

Maintenance 

$518 

$1,921 

Total  Year  1 

$4,108 

$12,527 

However,  many  IT  executives  don't  use  network- 
optimization  technology  because  they're  skeptical  of 
it,  don't  have  time  to  assess  it,  or  are  unfamiliar  with 
the  players,  according  to  Nemertes'  "Maximizing 
Your  WAN"  research  series,  which  gathered  input 
from  100  IT  executives.  (For  a  short  list  of  vendors, 
please  see  textbox.) 

So  what  exactly  is  this  technology  and  how  does 
it  work?  To  start,  Figure  1,  "Typical  Network 
Performance,"  identifies  some  fundamental  problems 
with  WAN  communications.  In  some  cases,  there's 
simply  not  enough  bandwidth,  causing  congestion, 
latency,  dropped  packets  and  overall  poor  perform¬ 
ance.  In  other  cases,  there  are  no  quality-of-service 
parameters  set,  so  latency-sensitive  applications  don't 
perform  well.  Furthermore,  latency  also  can  be  caused 
by  the  nature  of  TCP/IP,  as  further  packets  aren't  sent 
until  acknowledgements  of  the  previous  packets  are 
received.  This  latency  may  not  be  troublesome,  but  the 
bandwidth — and  route-optimization  vendors  can 
implement  some  techniques  that  reduce  latency  by 
30%  or  more.  The  effect  is  that  end  users  receive  the 
information  they  need  faster  (For  instance,  think  of 
loading  a  Web  page  that's  moderately  slow  versus  one 
that's  moderately  fast.) 

A  few  key  techniques  are  available  to  address  these 
problems  to  improve  overall  performance  and  reduce 
costs.  Each  has  its  advantages  and  disadvantages.  But 
when  used  together  or  when  used  individually  for  the 
appropriate  applications,  the  results  are  an  increase  in 
available  bandwidth  ranging  from  100%  to  500%. 

COMPRESSION 

Compression  algorithms  essentially  reduce  the 
actual  size  of  data  and  files  traveling  across  the  net¬ 
work.  By  replacing  repetitive  information  with  tokens 
of  smaller  size,  compression  tools  reduce  the  size  of 
the  files,  freeing  more  bandwidth. 

The  challenge  is  leveraging  the  benefits  of  com¬ 
pression  without  compromising  network  performance. 
The  most  common  compression  technique,  the 


Lempel-Ziv  or  LV  compression,  breaks  data  files  into 
frames.  Each  time  the  compression  software  finds  a 
repetitive  string  within  the  frame,  it  substitutes  the 
second  and  subsequent  strings  with  a  pointer  that 
states  what  to  use  in  its  place.  For  instance,  take  a 
look  at  the  data  in  this  sample  frame: 

Mariana  Inc.  asks  its  customers  to  be  patient. 
Mariana  Inc.  asks  this  because  it  is  trying  to  help 
customers  in  the  long  run. 


The  compressed  frame  might  look  like  this: 

Mariana  Inc.  asks  its  customers  to  be  patient.  **ft 
asks  this  because  it  is  trying  to  help  ft**  in  the 
long  run. 


The  first  **tt  basically  says  "go  back  52  bytes  from 
the  current  location  and  replace  with  the  next  12 
bytes."  The  second  token  does  the  same  for  the  word 
"customers." 

The  problem  with  this  approach  is  that  it  breaks 
long  files  into  frames.  If  "Marina  Inc."  were  in  subse¬ 
quent  frames,  the  algorithm  couldn't  refer  back  the 
"Marina  Inc."  in  an  earlier  frame.  That  makes  the 
compression  less  efficient.  The  obvious  solution  is  to 
make  the  frame  sizes  larger.  This  is  fine  for  static  text 
files  that  aren't  being  transmitted  across  a  network 
with  time  constraints,  but  it's  not  possible  for  those 
that  are  sensitive  to  latency  because  larger  frames 
would  increase  the  delay.  What's  more,  this  type  of 
compression  doesn't  work  at  all  on  pre-compressed 
data,  such  as  ZIP  files,  images  or  videos. 

CACHING 

In  their  earliest  versions,  caching  tools  helped 
improve  response  time  on  the  Internet.  By  storing  and 
regularly  updating  Web  site  content  on  cache  servers 
scattered  in  data  centers  across  the  Internet,  ISPs 
could  deliver  cached  content  from  a  server  closest  to 
the  individual  requesting  it.  That  way,  less  content 
had  to  travel  across  the  circuits  and  routers  that  made 
up  the  Web. 

The  problem  is  that  Web  caching  products  don't 
support  other  non-http-based  apps,  such  as  enter¬ 
prise-resource  planning  or  customer-relationship 
management.  Vendors  have  since  developed  enter¬ 


prise  caching  products  that  essentially  do  the  same 
for  business  networks.  Typically,  they  work  with 
compression.  Here's  how  it  typically  works:  A  device 
sits  on  each  end  of  a  circuit  and  looks  for  repetitive 
data  (each  vendor  uses  different  compression 
algorithms  to  do  this).  When  it  finds  repetitive  data 
or  images,  it  replaces  those  with  a  token.  That  token 
then  sits  in  the  "cache  memory"  of  those  devices. 
When  the  packet  leaves  site  A,  it's  compressed  and 
the  repetitive  data  is  replaced  with  a  token  stored 
in  the  cache.  On  the  receiving  end,  the  cache 
reassembles  the  packets  to  their  original  forms. 

Several  options  exist  for  Internet  routing. 
Companies  can  use  Web  cache  tools,  which  store  http 
content  on  various  local  servers  and  deliver  it  to  the 
nearest  end  users,  alleviating  the  need  to  send  traffic 
across  the  entire  network.  Numerous  Web  cache 
vendors  offer  such  products  that  sit  in  corporate  data 
centers.  For  those  who  don't  want  to  manage  their 
own  cache  servers,  providers  offer  the  function  as  a 
service,  known  as  "content-delivery  networks,"  for 
both  high-content  ISPs  and  enterprises. 

QoS 

Compression  and  caching  technologies  reduce  the 
amount  of  traffic  that  traverses  the  network.  They  free 
up  some  bandwidth,  but  they  don't  determine  which 
network  traffic  gets  priority,  or  which  would  make  the 
most  efficient  use  of  the  newly  freed  bandwidth.  QOS 
tools,  which  come  in  all  forms  (within  routers,  within 
bandwidth-  and  route-optimization  tools,  and  in 
stand-alone  products)  tell  the  router  which  traffic  gets 
priority  over  which.  They  also  give  administrators  the 
ability  to  preset  how  much  bandwidth  to  "reserve" 
for  each  application,  which  they  can  alter,  based  on 
time  of  day  or  month. 

Some  of  the  tools  offer  granular  application  control 
by  assessing  contents  at  Layer  7.  For  example,  they'll 
look  at  specific  URLs,  while  Layer  4  tools  will  look  at 
port  numbers  to  determine  Web  traffic.  The  tools 
provide  solid  management  and  monitoring  capabilities 
that  deliver  insight  to  network  performance,  and 
enforce  policies  by  application  and  time  of  day. 

Most  routers  and  switches  provide  QOS  capabili¬ 
ties,  but  they're  more  limited  than  the  above-mentioned 
tools  in  that  they  simply  prioritize  applications  based 
on  IP  addresses  orTCP/UDP  port  numbers. 


FIGURE  1:  Typical  Network  Performance  Problems 


Problem  Spot:  v 
Application  contention  for 
available  bandwidth 


Problem  Spots^J 


Latency 


Small  rfemota 
office 


Problem  Spot: 

Lack  of 
bandwith^^ 


,JetworkVtor1d' 

VJ CUSTOM  MEDIA  SOLUTIONS^ 


Ready  to  take 
traffic  management 
to  the  next  level? 


Current  methods  of  managing  traffic  by  establishing  Take  traffic  management  to  the  next  level  by  deploying  application  acceleration  and  bandwidth 
and  constantly  tweaking  policies  are  labor-intensive  efficiency  tools  that  reduce  WAN  costs  and  improve  response  times.  Expand  Networks  offers  a 

and  inefficient.  complete  framework  for  easily — and  automatically — improving  the  performance  of  distributed 

enterprise  applications. 

Accelerator"  appliances  allow  you  to  increase  average  network  capacity  and  improve  application 
response  times  by  100-400%,  stop  bandwidth  abuse  and  align  network  resources  with  business 
priorities.  Learn  how  to  gain  an  accelerated  ROI  in  3-9  months,  and  find  out  why  more  than  1,000 
customers  have  already  deployed  more  than  20,000  Accelerators  in  over  70  countries. 

Reap  the  rewards  of  automated  application  traffic  management  today. 

Try  our  demo  at  www.expand.com/demo 


Accelerator  and  Expand  Networks  are  trademarks  of  Expand  Networks,  Inc 


aftlist  of  NetWOrk-Optimization  Providers 


Elxpand 

Netcelera 

Racketeer 

Peribit 

Redline  Networks 

QOS  Products 

Allot 

Cisco 

Expand 

Extreme 

Lucent 

Netcelera 

Nortel 

Peribit 

3Gom 

Sitara 

Route  Control  Products 
Proficient  Radware 

RouteScience 

Route  Control  Services 
Equinix 

Route  Control  Products  and  Services 
Internap 

Web  Caching  Products 
Cacheflow  Cisco 

F5  Networks  Inktomi 

Stratacache 

Web  Caching  Services 
Akami  Digital  Island 

Equant  MCI 

Speedera  Sprint 


NETWORK  SIZING 

Rarely  is  an  IT  staff  completely  comfortable  with 
the  amount  of  bandwidth,  or  the  capacity  of  the 
circuit,  on  the  WAN.  Typically,  applications  use  all  the 
bandwidth  available  to  them  at  any  given  time,  which 
creates  contention  among  applications  and  causes 
performance  to  suffer.  Though  the  techniques  above 
can  help  reduce  traffic,  decrease  latency,  and  priori¬ 
tize  applications,  often  the  amount  of  bandwidth 
simply  isn't  enough  for  the  applications  and  number 
of  users  at  hand.  We  find  this  to  be  particularly  true 
when  companies  converge  voice,  data,  and  video  traf¬ 
fic  on  a  single  network  without  conducting  a  thorough 
baseline  QOS  analysis  prior  to  adding  the  new  traffic 
types.  What's  more,  companies  have  increased  LAN 
speeds  much  more  than  they  have  increased  WAN 
speeds,  so  there's  essentially  a  greater  mismatch 
between  the  two  than  there  has  been  in  the  past. 

ROUTE  OPTIMIZATION 

Route-optimization  tools  and  services  have  two 
primary  goals:  to  improve  the  performance  of 
Web-based  traffic  by  managing  the  links  between 
multiple  ISPs;  and  to  reduce  costs  by  sending  traffic 
along  the  cheapest  route  at  a  given  time  based  on 
pre-established  parameters.  Because  the  Internet  is  a 
network  of  networks,  each  with  erratic  and  fluid 
performance  characteristics,  it's  virtually  impossible 
to  have  extremely  predictable  traffic  flows. 

Companies  with  dual-homed  or  multi-homed 
Internet  access  can  buy  products  that  sit  on  their  own 
networks  and  determine  the  best  path  for  the  traffic. 


Or,  they  can  use  services  that  do  the  same  for  them — 
essentially,  the  customer  buys  one  large  access  line 
into  the  provider,  which  in  turn  links  to  multiple  ISPs 
and  uses  sophisticated  tools  to  determine  how  to  best 
route  the  traffic.  Basically,  they  analyze  response 
times  and  send  traffic  along  the  route  that  offers  the 
best  performance  at  a  given  time,  within  pre-set 
parameters  that  take  into  account  pricing  plans. 

The  tools  have  a  nice  side  benefit,  too.  By 
gathering  performance  data  on  the  links,  they  can 
validate  whether  ISPs  are  meeting  their  service-level 
agreements  (SLAs). 

The  route-optimization  market  segment  has 
consolidated  quite  a  bit  in  the  last  few  years,  but  some 
viable  players  still  exist.  IT  professionals  can  use  either 
products  or  services  to  improve  performance  and 
cost-effectiveness  of  their  Internet  traffic. 

VITAL  INFORMATION:  IMPROVED  MONITORING 

A  huge  value  that  comes  with  most  network- 
optimization  tools  is  information.  The  insight  these 
tools  offer  about  network  performance,  traffic  patterns, 
and  users  helps  network  managers  impose  optimal 
designs. 

By  providing  companies  with  some  basic  informa¬ 
tion,  such  as  the  type  of  traffic  and  applications  that 
run  across  the  network — and  how  much  bandwidth 
each  traffic  type  uses — network  architects  can 
ensure  that  the  precious  bandwidth  that  is  available 
isn't  overrun  by  non-business  apps.  "We  do  plan  to 
use  [the  technology]  to  cut  down  on  peer-to-peer 
traffic,"  says  the  CIO  of  a  university.  "We  will  look  at 
bandwidth  optimization  if  it  becomes  a  problem. 
It  will  start  hitting  us  when  we  put  video  on  the 
network;  that  will  happen  one  year  from  now.  Then, 
we  will  need  some  tools.  I  thought  I  might  have  to 
deal  with  it  with  the  voice  traffic,  and  I'm  getting 
ready  for  the  video  on  the  network.  That  will  be 
when  I  really  start  looking  at  managing  bandwidth." 

MARKET  OPPORTUNITIES 

Given  the  growth  in  the  number  of  remote 
workers,  the  increasing  demand  for  faster  speeds,  and 
the  rise  in  Web-based  applications  and  Web  services, 
the  network-optimization  market  is  ripe  for  growth. 
When  compression  first  emerged  on  a  large  scale,  its 
purpose  was  to  make  slower  modems  perform  better. 
But  when  the  modems  got  faster  and  broadband 
entered  the  picture,  the  idea  of  "compression"  faded 
in  many  respects.  If  these  tools  were  solely  "compres¬ 
sion,"  for  instance,  they  wouldn't  be  as  integral  to 
designing  efficient  network.  But  because  the  vendors 
are  focused  on  myriad  problem-solving  capabilities, 
they  have  a  broader  appeal. 

By  focusing  on  not  only  compression  and 
caching,  but  also  on  management,  QOS,  and  latency- 
reduction,  the  vendors  have  poised  themselves  to 
become  essential  to  well-designed  networks.  One 
such  opportunity  centers  around  professional  services, 
which  can  conduct  network-optimization  assessments. 

Others  include  partnership  with  voice-over-IP 
vendors,  so  that  organizations  that  are  converging 
their  voice  and  data  networks  can  design  an 
efficient  infrastructure.  According  to  Nemertes' 
"Implementing  IP  Telephony"  study,  64%  of  enter¬ 
prises  are  using  VOIP  (in  some  capacity-many  are  just 
starting  small  rollouts)  and  20%  are  running  trials. 


The  addition  of  bandwidth-optimization  tools  to 
VOIP  vendor  products  would  provide  much-needed, 
value-added  help  and  control  with  network  design 
and  ongoing  management. 

And  finally,  partnerships  with  carriers  ultimately 
will  respond  to  user  demand  for  optimal  networks. 
A  small  number  of  large  companies  that  outsource 
network  management  to  the  carriers  already  mandates 
that  the  carriers  use  bandwidth-optimization  gear  to 
maximize  network  performance.  Though  the  carriers 
don't  offer  bandwidth-optimization  as  an  "official" 
service,  many  provide  it  "unofficially,"  and  charge  a 
management  fee  for  the  service.  (After  all,  the  more 
optimized  a  network  is,  the  less  bandwidth  that 
customers  need,  which  naturally  decreases  revenue 
for  the  carriers.) 

Network  optimization  will  become  more  crucial 
as  networks  become  more  complex.  Demands  for 
faster  speeds  won't  die  down  anytime  soon,  and 
organizations  don't  have  an  endless  budget  for 
additional  bandwidth.  So  making  the  most  of  the 
existing  infrastructure  will  become  the  hallmark  of  a 
well-designed,  cost-efficient  network  moving  forward. 


Product  Assessment  &c  Selection 


Unlike  with  other  areas  of  networking,  IT 
professionals  are  not  spending  a  lot  of  time 
comparing  and  contrasting  vendors  in  the  network- 
optimization  space.  Typically,  a  vendor  approaches 
them  with  a  trial  product,  they  try  it,  they  like  it  and 
they  buy  it.  Considering  that  more  than  one-third 
are  unfamiliar  with  the  technology  and  25%  don't 
have  time  to  evaluate  it,  we  wouldn't  expect 
companies  to  devote  many  resources  to  extensive 
product  testing  and  assessment. 

However,  we  do  recommend  that  companies 
take  advantage  of  the  willingness  of  the  equipment 
vendors  to  provide  free  trials  of  their  gear. 

Order  equipment  for  a  free  trial  from  two 
vendors  for  side-by-side  comparisons  on  your 
most  heavily  used  circuit  (one  that's  ready  for 
an  upgrade  would  be  good),  paying  particular 
attention  to: 

•  the  amount  of  time  it  takes  to  get  the  equip¬ 
ment  delivered; 

•  the  amount  of  time  it  takes  to  install  the 
equipment; 

•  the  complexity  of  the  installation; 

•  how  quickly  you  see  bandwidth  availability 
increase; 

•  what  network  or  application  visibility  you 
gain; 

•  how  easy  it  is  to  set  policies  to  leverage  that 
information; 

•  vendor  responsiveness  and  customer  service. 

Then,  create  a  weighted  spreadsheet  and 
rate  the  vendors  on  each  of  the  above-.mentioned 
areas.  Calculating  a  quick  ROI  will  illustrate 
whether  the  price/performance  trade-off  is  worth 
further  exploration.  In  most  cases,  it  will  be.  Then, 
negotiate  with  the  vendors  for  the  best  prices. 
Running  a  trial  with  more  than  one  vendor  may 
be  more  time-consuming,  but  it  will  yield  more 
leverage  during  price  negotiations. 
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ADVERTISEMENT 


Linking  Network  Management 
and  Business  Success 

Lucent  Technologies  VitalSuite®  software  syncs  up  business  and  IT  goals 
by  delivering  dramatic  improvements  in  IT  and  end  user  productivity. 


IDC  finds  VitalSuite®  software 
delivers  cost  savings,  rapid  ROI 

Average  Three- 


Year  Savings 

Increased  user  productivity 

$10,303,465 

Increased  IT  staff  productivity 

$9,167,166 

Increased  IT  staff  efficiency 

$1,623,121 

Other  benefits* 

$345,844 

Total 

$21,439,596 

ROI 

719% 

Payback 

133  days 

*  Includes  recaptured  revenue  and  savings  from  reduced 
capital  and  IT  travel  expenditures,  virus  avoidance  and  lower 
outsourcing  costs. 

SOURCE:  IDC  customer  interviews,  2004 


"  When  we  purchased 
the  product,  we  had 
two  people  handling 
500  devices.  Now  we 
can  handle  5,000 
devices  with  only 
four  people 

VitalSuite®  software  customer 


More  than  ever,  enterprises  understand 
that  IT  infrastructure  must  be  aligned  with 
critical  business  processes  to  ensure  corpo¬ 
rate  success.  IT  and  telecommunications  ana¬ 
lyst  firm  IDC  has  confirmed  that  Lucent 
Technologies  VitalSuite®  Performance 
Management  Software  portfolio  helps 
enterprises  achieve  success  by  improving  the 
management  of  key  IT  resources  as  well  as 
the  productivity  of  IT  staff  and  end  users. 

The  award-winning,  industry-leading 
VitalSuite®  portfolio  is  a  set  of  four  modular 
software  components  that  monitor  network 
and  application  performance,  analyze  and 
map  network  events  in  real  time,  quickly  gen¬ 
erate  detailed  reports  about  network  behav¬ 
ior  and  measure  performance  from  the  end 
user's  perspective.  Collectively,  these  modules 
provide  visibility  into  and  control  over  the 
entire  infrastructure  from  a  central  location, 
enabling  IT  to  discover  and  address  network 
performance  issues  before  they  affect  application 
delivery  —  and  business  results. 

Smaller  staff,  bigger  ROI 

From  its  interviews  with  enterprises  that  employ 
VitalSuite®  software,  IDC  found  the  product  provides 
savings  in  many  tangible  ways,  including  increased  user 
productivity  resulting  from  improved  network  and 
application  availability.  IDC  determined  that,  on  aver¬ 
age,  network  management  processes  required  30%  less 
IT  staff  time  after  VitalSuite®  software  was  deployed. 
The  study  also  concluded  that  the  software  enabled  cus¬ 
tomers  to  reduce  IT  staff  by  12%  over  three  years. 

Taken  together,  the  average  savings  for  all 
VitalSuite®  software  customers  interviewed  by  IDC 
was  $58,155  per  100  users.  That  translates  into  a 
return  on  investment  (ROI)  of  719%  and  an  average 
payback  period  of  just  133  days. 

IDC  found  that  VitalSuite®  software  can  help  cus¬ 
tomers  deal  with  the  increasing  pressure  to  inte¬ 
grate  new  technologies  into  their  environments, 
including  Voice  over  IP  (VoIP),  wireless  devices,  Web 
services  and  even  new  hardware  formats  such  as 
blade  servers.  The  Lucent  software  also  helps  enter¬ 
prises  meet  quality  of  service  demands  that  relate 
directly  to  service  quality  and  business  value. 

Actual  customers,  impressive  results 

One  of  the  companies  IDC  interviewed  installed 
VitalSuite®  software  following  a  corporate  merger. 


The  two  companies  used  different  performance 
management  tool  sets,  but  the  merged  entity  decid¬ 
ed  to  replace  both  products  with  Lucent's  network 
management  software.  "VitalSuite®  gave  us  more 
information  on  capacity  and  traffic  by  protocol, 
which  we  thought  was  vital,  and  a  greater  range  and 
flexibility  of  reports,  which  could  be  made  specific  to 
departments  like  marketing  or  shipping,"  the  cus¬ 
tomer  told  IDC. 

Another  customer  was  enthusiastic  about  the  sys¬ 
tem's  reporting  tool.  "Before,  you  might  have  to 
wait  two  weeks  for  an  administrator  to  create  a 
report  for  you.  Now,  you  can  make  your  own  reports 
in  10  minutes,"  the  customer  said. 
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Learn  more  about 

Lucent  Technologies 
award-winning 
VitalSuite®  software 


Download  an  IDC  white  paper  detailing  the 
findings  from  its  interviews  with  VitalSuite® 
software  customers. 

>,  r  •  .  .  /  .. .  \v.  '  . .  • 

Go  to:  www.nwfusion.com/lucenWitalSuite 


Yet  another  customer  spoke  of  the  tremendous  IT 
productivity  gains  VitalSuite®  software  provides. 
"When  we  purchased  the  product,  we  had  two  peo¬ 
ple  handling  500  devices.  Now  we  can  handle  5,000 
devices  with  only  four  people." 

Perhaps  more  importantly,  IDC  found  that  48%  of 
the  total  savings  customers  gained  from  VitalSuite® 
software  came  in  the  form  of  increased  end  user  pro¬ 
ductivity,  an  average  of  more  than  $3.4  million  per 
year.  That's  the  kind  of  figure  that  speaks  to  a  truly 
sound  alignment  of  IT  and  business  goals. 
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FREE  EVENT  FOR 
QUALIFIED  PROFESSIONALS 


MODERATOR 

Dr.  Jim  Metzler 


DISCOVER  HOW  TO: 

deploy  virtual  private  networks  including 

SSL  VPNs  and  IPSec  VPNs 

blend  WiFi  with  cellular  data  services  to 

support  mobile  workers 

gain  IOC  Ethernet  speed  on  public  net 

works  available  to  desktops 

coordinate  solutions  from  diverse  carriers 

and  service  providers 

:  and  evaluate  the  latest  prevention  and 
detection  security  solutions 

WHO  WILL  BE  THERE? 

►  Expert  Event  Leaders 

*  Jim  Metzler,  President,  Ashton,  Metzler 
and  Associates,  Network  Consultants 

-  Sandra  Gittlen,  Events  Editor  for 
Network  World 

And  leading  WAN  Managers,  Directors 

and  VPs  of: 

►  Planning 

►  Network  Design 

*■  Architecture 

*■  Telecommunications 

►  Networking 


One  year  from  today,  will  you  -  and  management  -  say  you 
made  the  right  WAN  decisions?  Or  will  you  think,  “If  I  had 
only  known  then  what  I  know  now?”...  about  emerging  VPN 
alternatives.  Secrets  of  VoIP  deployment.  Balancing  security  and  availability. 
Implementing  service  management  technology. 

You  can  wait  for  answers  or  you  can  attend  WANs:  Survival  of  the 
Fittest. ..Fastest.. .Smartest  the  new  Network  World  Technology  Tour 
event  and  get  them  now.  If  you  want  to  be  a  part  of  the  successful  future 
of  WAN,  this  is  a  must-attend,  demo-packed  day.  It’s  the  one  place  to  gain 
across-the-enterprise  tools,  technologies  and  expertise  you  need  to  evolve 
an  effective  and  efficient  WAN,  ready  for  whatever  tomorrow  may  bring. 

Attendance  is  free,  but  access  is  limited  to  network  professionals  who  reserve  in  advance.  This  exclusive  WAN  event  is 
sure  to  fill  fast,  so  register  now. 

Advance  Reservation  by  Qualified  Professionals  is  Required  for  Complimentary  Attendance 

Register  now  at  WWW.  nwfusion.com/WAS4A2  or  call  1  -800-643-4668 


PLATINUM  PRESENTING  SPONSORS: 


How  should  your  architecture 
support  on-demand,  automatic, 
or  grid  computing? 

How  should  you  adopt  Web- 
enabled  and  service-oriented 
applications? 

How  should  you  separate  and 
blend  wireless  and  wireline? 
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This  event  is  limited  to  Network  and  IT  professionals  involved 
m  the  evaluation,  purchase  and  implementation  of  WAN  and 
Network/IT  products  and  services.  Network  World  Events 
reserves  the  right  to  determine  total  audience  and  profile  of 
complimentary  attendees.  Paid  registration  is  also  available. 


To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D'Amato  at  1  -508-490-6520  or  adamato@nww.com  for  free,  no-obligation  information. 
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Network  configuration 


management 

■  BY  GREG  GODDARD  AND  CURTIS  FRANKLIN,  NETWORK  WORLD  LAB  ALLIANCE 

Dilbert  comic  strip  creator  Scott  Adams  once  said, “Managing  engineers  is 
like  herding  cats.” The  same  can  be  said  for  managing  the  configurations 
of  your  network  equipment.The  network’s  size,  performance  and  security 
have  made  knowing  and  managing  the  configuration  of  individual  com¬ 
ponents  more  important  than  ever. 


Network  configuration  management 
systems  should: 

•  Correctly  establish  the  existing  config¬ 
uration  of  the  network. 

•  Support  a  multi-vendor  network  infra¬ 
structure. 

•  Let  administrators  make  one-time 
changes  or  automated  changes  based  on 
established  policies. 

•  Cooperate  with  existing  network  man¬ 
agement  and  security  components. 

•  Provide  informative  data  through  a 
reasonable  management  console. 

We  tested  five  products:  AlterPoint’s 
DeviceAuthority  Suite,  Dorado  Software’s 
RedCell,  Rendition  Networks’ TrueCon- 
trol  3.0, Tripwire’s  Tripwire  for  Network 
Devices  (TND)  and  Voyence's  Voyence- 
Control.  Cisco,  Gold  Wire  Technology  and 
Intelliden  declined  our  invitations. 

Rendition’s  TrueControl  wins  our  Clear 
Choice  Award  for  the  best  network  con¬ 
figuration  management  tool.  While  its 
user  interface  is  not  the  most  intuitive,  it 
provides  access  to  a  wealth  of  detailed 
information.  Its  search  capabilities  and 
security  model  are  certainly  the  most 
robust  of  any  of  the  products.  Its  mix  of 
compliance-detection  and  reporting  are 
top-notch  and  overcome  the  lack  of  auto¬ 
discovery  which  is  easily  provided  using 
an  external  network  management  sys¬ 
tem.  While  TrueControl  came  out  ahead 
of  its  competition,  the  other  products 
fared  well. 

TrueControl 

TrueControl  consists  of  a  secure  man¬ 
agement  engine  along  with  syslog  and 
Trivial  FTP  (TFTP)  servers.  The  True¬ 
Control  product  stores  its  information  in 
a  SQL  database,  and  does  not  force  a  net¬ 
work  administrator  to  choose  a  specific 
database  engine;  TrueControl  supports 
mySQL,  Oracle  and  SQL  Server  2000 
installations. 

The  system  does  not  provide  device 
auto-discovery  because  Rendition  says 
most  customers  will  use  an  existing  net¬ 


work  management  system  (devices  can 
be  imported  using  comma-separated 
value  [CSV],  formatted  files).  Device 
password  rules  are  used  to  associate  cre¬ 
dentials  with  a  device  (SNMP  passwords 
may  be  entered  in  addition  to  telnet  and 
enabled  passwords)  and  can  be 
assigned  to  a  specific  device  or  multiple 
devices.  TrueControl  also  can  automati¬ 
cally  configure  a  device  to  log  messages 
to  the  system’s  syslog  server. 

TrueControl  supports  most  vendor 
equipment,  with  Juniper  being  the  one 
exception.  (Rendition  says  Juniper  is 
not  on  the  list  because  its  customers 
don’t  use  Juniper  devices  in  its  net- 
works.This  shows  that  multi-vendor  sup¬ 
port  in  each  of  these  products  is  heavily 
customer-driven.)  The  system  integrates 
with  a  number  of  network  management 
systems,  including  HP  OpenView  Net¬ 
work  Node  Manager,  Nortel  Optivity  and 
Remedy  ARS. 

Rendition’s  system  provided  excellent 
search,  audit  and  report  capabilities  — 
devices,  modules,  configurations,  tasks, 
sessions  and  events  all  can  be  checked 
against  specified  criteria.  TrueControl 
can  make  changes  to  the  start-up  and 
running  configurations  of  network  de¬ 
vices.  Groups  of  equipment  can  be  cre¬ 
ated  to  monitor  and  change  configura¬ 
tions  on  a  more  easily  managed  basis. 
Read/write  command  scripts  (as  op¬ 
posed  to  diagnostic  scripts,  which  are 
read-only)  can  be  created  and  issued  to 
perform  different  tasks  on  devices  or 
groups  —  commands  sent  to  a  particular 
device  also  can  be  recorded  and  “played 
back”  at  a  later  time.  TrueControl  can  be 
used  to  deploy  user  and  SNMP  pass¬ 
words,  which  makes  a  once-arduous  task 
easy  to  complete. 

In  our  testing,  devices  had  to  be  manu¬ 
ally  added  because  of  the  lack  of  auto¬ 
discovery.  TrueControl  correctly  identi¬ 
fied  the  more  mainstream  Cisco  devices 
but  did  not  correctly  identify  our  MSFC3 
or  the  Supervisor  Engine  720  (see  “How 


we  did  it,” page  39). The  Cisco  10720s  also 
came  up  unidentified.We  received  a  new 
driver  that  added  support  for  the  MSFC3 
and  the  Supervisor  Engine  720,  but  were 
told  that  the  Cisco  10720  is  an  unsup¬ 
ported  device. 

Once  devices  had  been  added  to  the 
inventory  configuration  snapshots  were 
taken.  Configurations  on  our  network  de¬ 
vices  were  then  changed,  and  True¬ 


Control  let  us  view  differences  in  three 
ways:  contextually  (showing  us  only  the 
portions  of  the  configuration  that  had 
changed),  using  a  Unix-style  diff  view,  or 
viewing  the  full  text  of  the  current  and 
previous  configurations  side  by  side. 

TrueControl  detects  real-time  changes 
via  its  proxy  interface  (which  lets  telnet 
and  Secure  Shell  [SSH]  access  each  de¬ 
vice  in  the  inventory), SNMP  traps  and  in¬ 
formation  directed  at  TrueControl’s  sys¬ 
log  server.  Notifications  and  reports  can 
be  configured  (Simple  Mail  Transfer  Pro¬ 
tocol  [SMTP]  alerts  are  one  example) 


and  sent  to  administrators  when  changes 
occur. 

TrueControl  provides  a  Web  and  com¬ 
mand-line  interface  (CLI)  for  users  to 
access  command  functions.  Although 
the  Web-based  user  interface  was  fairly 
straightforward,  it  wasn’t  as  intuitive  as 
AlterPoint’s  DeviceAuthority.  Like 
Voyence,  Rendition  always  sends  engi¬ 
neers  on-site  to  install  the  product  with 


the  customer. The  next  release  will  incor¬ 
porate  advanced  scripting  support,  best 
practices  reporting,  graphics  capabilities 
and  file  system  support. 

DeviceAuthority 

AlterPoint’s  DeviceAuthority  Suite  in¬ 
cludes  DeviceAuthority  Server  2.0,  De¬ 
viceAuthority  Audit  Module  2.0  and 
DeviceAuthority  Update  Module  l.O.The 
DeviceAuthority  Server  is  the  most 
important  piece  of  the  suite  and  pro¬ 
vides  services  such  as  user  credential 
management,  device  version  control 
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TrueControl  provided  excellent  search,  audit  and  reporting  capabilities  for  network  devices, 
configurations  and  events. 
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and  backup,  scheduling,  reporting  and 
notification  to  the  DeviceAuthority  Audit 
and  Update  Modules.  It  incorporates 
multi-vendor  support  (20  vendors  are  sup¬ 
ported).  It  also  provides  a  repository  of 
network  configuration  information  that 
ran  be  integrated  with  external  network 
management  systems  and  updated  in  real 
time  based  on  changes  received  from 
TACACS+,  RADIUS  and  the  syslog. 

The  Audit  Module  is  aimed  at  network 
managers  and  provides  visibility  into  net¬ 
work  devices  and  gives  an  administrator 
hardware,  software  and  configuration  de¬ 
tails  in  real  time  or  on  a  scheduled  basis. 
.Reporting,  change  notification  and  com¬ 
parison,  and  configuration  recovery  are  the 
key  features  of  this  module.  Five  predefined 
reports  or  custom  reports  based  on  one  of 
seven  report  templates  can  be  scheduled 
or  generated  on  demand  in  a  variety  of  out¬ 
put  formats  (HTML,  PDF  text,  CSV  and 
XML).  Notifications  and  reports  also  can  be 
sent  via  SMTP  on  a  scheduled  or  incident- 
triggered  basis. 

The  Update  Module  is  geared  to  the 
needs  of  network  engineers  and  focuses 
on  managing  change  in  network  compo¬ 
nents.  AlterFbint  lets  each  customer  build 
an  Integrated  Network  Environment  that  in¬ 
corporates  existing  network  tools  and  pro¬ 
vides  an  actionable  inventory  that  allows 
the  execution  of  scripts  based  on  this  in¬ 
ventory  Key  features  of  the  module  include 
the  ability  to  schedule  changes,  generate 
scripts  and  perform  validation  of  changes 
and  search  functions.  Similar  to  TrueCon- 
trol,the  Update  Module  lets  scripts  be  cre¬ 
ated  by  recording  commands  you  issue  to 


a  device. 

Inventory  lists  can  be  populated  by  im¬ 
porting  device  information  from  a  file  or  by 
manually  adding  entries.  An  auto-discoveiy 
wizard  is  also  included.  In  adding  a  device 
to  the  inventory  credentials  are  specified 
and  applied  to  each  device. Shared  creden¬ 
tials  can  be  applied  to  multiple  devices  for 
networks  in  which  devices  all  share  com¬ 
mon  logon  information.  A  user  can  specify 
that  DeviceAuthority  not  poll  devices  dur¬ 
ing  certain  times, such  as  maintenance  win¬ 
dows.  The  Audit  and  Update  Modules  work 
with  the  Server  module  to  provide  side-by- 
side  device  configuration  comparisons  to 
assist  in  tracking  configuration  changes  and 
errors.  DeviceAuthority  can  act  as  a  proxy 
interface  for  telnet  and  SSH  access  to  de¬ 
vices  in  the  database. 

DeviceAuthority  auto-discovered  each 
device  on  our  network  and  had  no  prob¬ 
lem  correctly  identifying  and  backing  up 
configurations  from  the  more  mainstream 
Cisco  devices.  It  had  trouble  with  the  Cisco 
10720s  (at  first,  it  incorrectly  identified 
them  as  Cl 070s  and  couldn’t  back  up  their 
configurations),  the  MSFC3  on-board  the 
Supervisor  Engine  720  and  the  Cisco 
12000s.  (In  both  cases,  these  devices  came 
up  unidentified.)  AlterPoint  delivered  new 
device  drivers  for  each  of  these  devices 
that  fixed  the  aforementioned  problems. 

AlterPoint  officials  say  that  extended 
search  capabilities  and  an  option  for  soft¬ 
ware  management  will  show  up  in  the  next 
release.  While  compliance  reporting  is  sup¬ 
ported  indirectly  through  searching,  the 
next  release  will  support  a  more  robust  set 
of  policy  and  compliance  features. 


Tripwire  for  Network  Devices 

Almost  anyone  with  system  administra¬ 
tion  experience  surely  will  remember  run¬ 
ning  Tripwire  to  ensure  file  integrity  on 
Unix  systems.  TND  builds  on  the  founda¬ 
tion  of  the  file  integrity  assurance  product 
but  goes  further  by  incorporating  support 
for  network  devices. Tripwire  has  vendor- 
specific  support  for  products  from  Check 
Point,  Cisco,  Extreme  Networks,  Foundry 
Networks,  HP  Nortel  and  others,  and  says  it 
can  manage  up  to  100,000  devices. 

TND  can  connect  toTACACS+  or  RADIUS 
servers  to  confirm  the  identity  of  individu¬ 
als  making  changes  to  the  configuration 
of  monitored  devices.This  is  part  of  TND’s 
configuration  security  focus,  as  it  reports 
the  who,  what,  where,  when  and  why  (with 
specifics)  of  any  changes.  The  security 
focus  continues  with  a  very  full  set  of  noti¬ 
fication  options  when  configuration 
changes  are  detected.  E-mail  notification 
and  SNMP  traps  are  included,  as  are 
device  configuration  restore  and  update 
rollback  features. 

Configuration  information  is  transmitted 
via  TFTP  back  to  the  Tripwire  server,  or 
communications  can  be  secured  by  using 
SSH/Subscriber  Control  Platform  (SCP). 
Staying  true  to  its  name,  TND  can  capture 
output  from  nearly  any  network  device  you 
can  log  on  to  —  it  then  can  run  regular  ex¬ 
pressions  on  the  corresponding  output.  In 
addition  to  network  device  configurations, 
TND  stays  true  to  its  ancestry  by  letting 
Unix  files  be  monitored. 

The  built-in  log  viewer  is  excellent  for  iso¬ 
lating  errors,  and  TND  can  share  informa¬ 
tion  with  several  applications  through 
Open  Database  Connectivity/Java  Data¬ 
base  Connectivity  (ODBC/JDBC)  and  XML 


file  connectivity  In  addition, TND  has  direct 
hooks  for  many  major  network  manage¬ 
ment  frameworks,  such  as  HP  OpenView 
Network  Node  Manager,  IBM  Tivoli  and 
Computer  Associates  Unicenter.  A  tool  can 
run  integrity  checks  against  TND  from  a 
source  outside  the  machine  hosting  TND, 
which  assures  administrators  that  the  con¬ 
trol  system  has  not  been  compromised. 

The  most  significant  drawback  was  in  es¬ 
tablishing  a  baseline  inventory  —  like 
TrueControl,TND  doesn’t  support  auto-dis- 
covery  of  network  devices.  Instead,  we 
were  forced  to  manually  add  or  import  a 
list  of  devices  (through  XML,  CSV  or 
ODBC/JDBC)  from  an  existing  inventory 
management  system.  Exporting  the  list  of 
devices  and  configuration  also  can  be 
done  using  those  methods.  Credentials 
can  be  added  to  a  single  device,  or  shared 
credentials  can  be  established  by  assign¬ 
ing  a  credential  to  a  variable  and  used 
across  multiple  devices. 

Once  devices  were  added  to  the  inven¬ 
tory,  it  was  easy  to  import  their  configura¬ 
tions.  Once  a  configuration  had  been  re¬ 
trieved,  it  was  marked  as  a  baseline  against 
which  to  compare  subsequent  configura¬ 
tion  changes.  When  a  change  is  detected, 
the  device  entry  is  highlighted  and  a  con¬ 
textual  side-by-side  comparison  of  the  con¬ 
figuration  can  be  viewed.  An  MD5  attribute 
is  added  to  each  configuration  for  security 
purposes.  TND  retrieved  device  configura¬ 
tions  from  nearly  all  of  the  Cisco  devices  in 
our  network  (including  the  MSFC3)  with 
the  exception  of  the  Supervisor  Engine  720. 

While  TND  is  a  system  with  a  lightweight 
footprint,  it  still  can  get  the  job  done  —  as 
long  as  you  carefully  define  the  job  and  let 
TND  work  within  a  system  of  other  network 
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ICLEAR  CHOICE  I 


Company: 

Rendition 
Networks, 

WWW. 

renditionnetworks.com.  Cost: 
$19,900  for  50  nodes.  Pros:  Very 
detailed  permissions  model; 
excellent  search  capabilities; 
software  image  management. 
Cons:  No  auto-discovery;  user 
interface  not  as  intuitive  as  it 
could  be.  Requirements: 
Solaris  or  Windows. 


Company:  AlterPoint, 
www.alterpoint.com.  Cost: 
$19,950  for  100  devices.  Pros: 
Great  user  interface;  Audit  and 
Update  Modules  separate 
functionality  between  engineers 
and  management.  Cons:  No 
software  image  library;  lack  of 
compliancy  reporting. 
Requirements:  Windows  (next 
release  will  incorporate  support 
for  Linux  servers). 


Company:  Voyence, 
www.voyence.com.  Cost: 
Minimum  system  price  starts 
at  $55,000;  pricing  derived  from 
number  of  devices  under 
management.  Pro:  Strong 
editing  capabilities.  Con: 
Currently  unable  to  kill  running 
jobs  from  the  GUI. 
Requirements:  Linux. 


Company:  Tripwire, 
www.tripwire.com.  Cost: 
$19,995  for  100  devices.  Pros: 
Lightweight  but  powerful; 
excellent  regular  expression 
capabilities.  Con:  No  auto¬ 
discovery.  Requirements: 
Solaris  or  Windows. 


Company:  Dorado  Software, 
www.doradosoftware.com. 
Cost:  $12,000  list  pricing.  Pros: 
Detailed  device  information  at 
the  line-card,  port  and  interface 
level.  Con:  User  interface 
needs  work.  Requirements: 
Solaris  orWindows. 


The  breakdown 

Rendition 

AlterPoint 

Voyence 

Tripwire 

Dorado 

Configuration  control  25% 

4.5 

5 

4.5 

4.5 

4 

Monitoring  and  reporting  25% 

5 

4.5 

4.5 

4.5 

4 

Multi-vendor  support  10% 

4.5 

5 

5 

5 

5 

Security  features  10% 

5 

5 

5 

5 

4 

Installation  10% 

5 

5 

5 

5 

5 

Documentation  10% 

5 

5 

5 

5 

5 

Special  features  10% 

5 

3 

4 

4 

5 

TOTAL  SCORE 

4.83 

4.68 

4.65 

4.65 

4.4 

Vt  Scoring  Key:  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average;  1:  Consistently  subpar 
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management  software.  It’s  worth  noting 
again  that  TND  is  the  only  product  in  this 
review  that  says  it  supports  up  to  100,000 
devices  (find  out  how  many  devices  the 
other  products  support  at  www.nwfusion. 
com,  DocFinder:  1629.  Future  releases  will 
focus  on  enhancing  device  manage¬ 
ment,  reporting  and  conformance  check¬ 
ing  capabilities. 

VoyenceControl 

Voyence  begins  a  customer  installation 
differently  than  most  network  vendors  —  it 
typically  sends  the  customer  a  proof  of  con¬ 
cept  (FbC)  document  to  gather  as  much  in¬ 
formation  as  possible  about  the  network 
before  shipping  and  installing  the  product. 
Information  gathered  via  the  FbC  docu¬ 
ment  includes  IP  ranges  that  will  be  auto- 
discovered  and  network  device  informa¬ 
tion  that  includes  vendor  name,  operating 
system  version, interface  type  and  protocols 
supported.  Customers  can  have  Voyence 
provide  the  necessary  hardware  (loaded 
with  the  VoyenceControl  software  before 
coming  on-site),  or  Voyence  can  install  it  on¬ 
site  with  customer-purchased  hardware. 

VoyenceControl  runs  on  Red  Hat  Linux, 
making  it  the  only  Linux-based  server  in  this 
review.  It  is  part  GUI,  part  database  server 
and  part  device  server.  The  software  has  a 
great  deal  of  flexibility  in  how  it  gathers 
information  from  network  components  — 
SNMRTFTR  telnet,  XML,  HTTP  and  SSH/SCP 
all  are  supported.VoyenceControl  integrates 
its  alerts  and  configuration  files  with  most 
of  the  major  network  management  plat¬ 
forms,  including  HP  OpenView,  Tivoli,  Uni¬ 
center,  Micromuse  Netcool,  Remedy  and 
other  network  applications.  Information  is 
exchanged  with  these  systems  via  XML  or 
CSV  files.  Scheduled  events  and  complex 
sequences  can  be  scripted,  based  on  a  pro¬ 
prietary  Voyence  scripting  language. 

VoyenceControl  auto-discovered  and 
identified  all  the  devices  in  our  network.  It 
correctly  identified  some  of  the  more  trou¬ 
blesome  devices  (specifically,  Cisco’s 
10720s  and  12000s)  that  other  products 
(DeviceAuthority,  RedCell  and  TrueCon- 
trol),  couldn’t  identify  properly.  Like  the 
other  products,  it  had  trouble  with  the 
MSFC3  onboard  the  Supervisor  Engine  720 
and  incorrectly  identified  the  Supervisor 
portion  of  the  720. Voyence  shipped  a  new 
driver  that  was  able  to  correctly  identify  the 
MSFC3  and  the  Supervisor  Engine  720. 

Once  devices  were  added  to  the  inven¬ 
tory,  configurations  were  retrieved  and 
marked  as  baselines. VoyenceControl  has 
superb  editing  support  (there  are  four 
types  of  editing  in  all)  —  the  config  editor 
lets  you  edit  the  entire  configuration;  the 
configlet  editor  lets  you  edit  portions  of 
the  config  across  multiple  devices;  the 
interface  editor  lets  you  make  changes  to 
an  interface  across  multiple  devices;  and 
the  termlet  editor  lets  you  send  com¬ 
mands  to  the  router  to  verify  network 
integrity  or  for  troubleshooting/diagnos¬ 
tic  purposes.  Wizards  let  you  automate 
Cisco  configuration  tasks.  Job  control  is  a 
particularly  important  feature  within 
VoyenceControl  —  when  a  change  is 


made,  the  job  must  first  be  approved  be¬ 
fore  it  can  be  scheduled. 

The  system  stands  out  because  of  its 
superb  mix  of  simplicity  and  functionality. 
The  GUI  is  easy  to  understand  and  manip¬ 
ulate  for  discovery  and  management,  and 
it  makes  viewing  information  (model, 
operating  system  version  and  the  like) 
gathered  from  your  network  devices  easy. 
A  feature  that  will  be  useful  to  those  man¬ 
aging  widely  dispersed  networks  is 
VoyenceControl’s  location  integration 
with  MapQuest  —  maps  generated  by  the 
software  can  be  logical  and  geographical. 
Diagramming  capabilities  are  included, 
but  this  is  a  feature  best  left  to  systems  such 
as  HP  OpenView.  Future  versions  will  incor¬ 
porate  Visio  support,  a  software  image 
library  and  extend  integration  with  exter¬ 
nal  network  management  systems. 

RedCell 

RedCell  is  an  integrated  suite  of  products 
that  allows  extensive  discovery  and  man¬ 
agement  of  network  configurations.  Red¬ 
Cell  Management  Center  is  the  core  of  the 
product  and  provides  a  multi-vendor  man¬ 
agement  interface  to  each  of  the  other 
products  in  the  suite.  The  RedCell  Net- 
Config  module  is  vendor-specific  and  pro¬ 
vides  comprehensive  configuration  man¬ 
agement  capabilities,  including  the  ability 
to  back  up,  compare,  restore  and  synchro¬ 
nize  device  configurations.  Dorado  builds 
RedCell  on  Oware,  its  framework  for  devel¬ 
oping  carrier-class  applications. 

RedCell  supports  a  variety  of  vendor 
equipment.  It’s  the  only  product  in  this  test 
with  device  drivers  that  take  specific  advan¬ 
tage  of  the  Juniper  CLI,  which  lets  two  con¬ 
figurations  be  merged  or  a  configuration 
change  to  be  scheduled  (via  the  Juniper 
device,  not  the  configuration  management 
system).  Dorado  also  makes  versions  of 
RedCell  that  work  specifically  with  Cisco, 
Dell,  Extreme,  Foundry  and  Riverstone  Net¬ 
works  equipment. 

Dorado’s  system  was  easy  to  stop  and  re¬ 
start,  either  via  the  command  line  or  an 
icon  in  the  system  tray.  The  tray  icon 
changes  color  to  indicate  system  status, 
showing  red  when  services  are  stopped, yel¬ 
low  when  initializing  and  green  when  the 
system  is  ready  to  use.The  software  runs  on 
Solaris  and  Windows  server  platforms  and 
will  use  all  the  memory  you  can  throw  at  it. 

In  our  test,  RedCell  accurately  pinged 
and  discovered  all  the  devices  in  our  net¬ 
work.  All  our  Cisco  components  were 
accurately  picked  up  as  Cisco  devices, 
although  some  were  displayed  as  type 
CiscoRouter  or  CiscoSwitch  instead  of  the 
actual  model  type.  (To  be  specific,  Cisco 
Multilayer  Switching  Feature  Cards  [MSFC] 
were  identified  as  type  CiscoSwitch, 
whereas  Cisco  10720s  were  identified  as 
CiscoRouters.)  The  Supervisor  Engine  720 
was  discovered  and  correctly  identified, 
but  the  MSFC3  portion  of  the  device  was 
not  correctly  identified  as  a  Cisco  device. 
Dorado  shipped  new  drivers  that  were 
able  to  correctly  identify  the  Cisco  10720s, 
but  said  that  the  Supervisor  Engine  and 
MSFC3  were  currently  unsupported. 


When  the  device  type  is  identified  cor¬ 
rectly,  RedCell  builds  a  hierarchical  view 
of  the  device,  complete  with  line  cards,  in¬ 
terfaces  and  ports  —  you  can  drill  down 
to  get  detailed  information  (this  is  what 
Dorado  terms  “deep  discovery”),  add 
notes  to  specific  interfaces,  and  change 
and  edit  device  parameters.  Config¬ 
urations  are  easily  backed  up,  restored  or 
synchronized.  Configurations  on  the  same 
device  or  different  devices  can  be  com¬ 
pared  side  by  side,  but  there  is  no  contex¬ 
tual  way  to  see  what  changes  have  been 
made.  RedCell  also  includes  a  firmware 
and  operating  system  image  library  and 
diagramming  capabilities.  The  image 
libraries  are  a  nice  touch,  but  diagram¬ 
ming  capabilities  are  probably  best  left  to 
systems  such  as  HP  OpenView. 

While  the  user  interface  is  sometimes  too 
complex  for  easy  understanding  and  man¬ 
agement  —  common  actions  such  as 
perusing  the  equipment  manager  required 
significantly  more  hunting  through  screen 
items  and  clicking  options  than  in  the 
other  systems  we  tested.  Make  no  mistake, 
this  is  a  very  powerful  system  that  is  chock 
full  of  features. 

Conclusion 

It’s  important  to  understand  that  these 


products  are  designed  to  be  integrated  into 
a  larger  network  management  and  security 
infrastructure.  They  make  extensive  use  of 
ports  beyond  those  used  by  “normal  ”  enter¬ 
prise  applications,  so  it  is  necessary  to 
check  access  control  lists  and  firewall  set¬ 
tings  to  make  sure  the  system  can  commu¬ 
nicate  with  the  devices  being  managed 
(and  vice  versa).  Administrators  who  inte¬ 
grate  these  products  into  their  infrastruc¬ 
tures  will  gain  substantial  benefits  in  inven¬ 
tory  and  security  control. 

Goddard  is  a  senior  infrastructure  special¬ 
ist  at  EDS.  He  can  be  reached  at  ggod 
dard@alumni.ufl.edu.  Franklin  is  president 
of  The  CF2  Group,  a  Gainesville,  Fla.,  tech¬ 
nology  communications  company.  He  can 
be  reached  at  cf2@bellsouth.net. 


M  Lab  Alliance 


Goddard  and  franklin  also  are  members  of  the 
Network  World  Lab  Alliance,  a  cooperative  of 
the  premier  reviewers  in  the  network  industry, 
each  bringing  to  bear  years  of  practical  expe¬ 
rience  on  every  review.  For  more  Lab  Alliance 
information,  including  what  it  takes  to  become 
a  partner,  go  to  www.nwfusion.com/alliance. 


®  How  We  Did  It 


Our  testing  environment  consisted  primarily  of  these  Cisco  routers  and 
switches;  Cisco  3524s,  Cisco  3550s,  Cisco  3640s,  Cisco  3745s,  Cisco  6506s 
and  6509s,  Cisco  7200s,  Cisco  10720s,  Cisco  12004s  and  Cisco  12008s. 

Each  product  in  the  review  had  no  problem  correctly  identifying  most  of  the  ! 
Cisco  devices  listed  above.  Cisco's  Supervisor  Engine  720,  on  the  other  hand,  is 
a  fairly  new  device.  Located  onboard  the  Supervisor  Engine  720  is  an  MSFC3,  j 
Cisco's  latest  addition  to  the  Multilayer  Switching  Feature  Card  family.  We 
expected  vendors  to  have  quite  a  bit  of  trouble  classifying  and  pulling  config¬ 
urations  from  these  devices,  and  we  were  right.  Vendors  were  notified  that  their 
products  couldn’t  classify  these  two  devices,  and  subsequently  they  shipped 
patches  to  their  device  drivers. 

On  each  product,  the  following  considerations  were  taken  into  account:  I 

•  Device  configurations  were  changed  to  see  how  each  product  monitored  and 
managed  these  changes. 

•  Devices  were  restored  to  a  previously  known  “good”  configuration. 

•  Noted  compatibility  with  several  vendors’  devices  (heterogeneous  network 
device  support). 

•  The  ability  to  integrate  with  other  network  management  platforms. 

•  The  ability  to  schedule  future  configuration  changes  and  look  up  past  config-  j 
uration  changes. 

•  The  ability  to  visually  differentiate  between  configuration  changes.  \ 

•  Whether  a  product  could  be  used  to  better  troubleshoot  a  network 
problem/outage. 

Other  evaluated  items  included  the  use  of  access  control  (assigning  permis¬ 
sions  to  groups,  individuals  or  administrators),  additional  security  features, 
scripting  support,  auto-discovery  of  devices,  installation,  ease  of  use  and 
documentation. 

We  configured  several  clients  ranging,  from  900-MHz  to  2-GHz  processors  wiTh 
256M-byte  to  iG-byte  of  memory,  and  servers  with  1-  to  2-GHz  single  processors 
with  512M-byte  to  IG-byte  of  memory  to  test  theTectia  4.0  client  and  server 
components.  We  used  Windows  XP,  Red  Hat  9  and  Windows  2000  as  clier  mach¬ 
ines,  and  Win  2000  Server  and  Red  Hat  Enterprise  Linux  Advanced  Server  as 
server  machines.  We  exercised  Tectia  with  various  terminal  access,  file  transfer 
and  port-forwarding  tests.  We  used  password-based,  Secure  Shell  key-based 
and  certificate  authentication.  We  tested  Tectia  4.0  by  using  it  to  perform  typical 
SSH  user  tasks,  such  as  maintaining  network  servers,  transfen  ing  :  !e  tc  Wer 
sites  and  using  it  to  port -forward  e-mail  traffic  from  Internet  cams. 
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Manufacturers  ready 
RFID  rollouts 

Driven  by  retailer  mandates,  suppliers  are  on  the 
front  lines  of  a  battle  to  overhaul  the  supply  chain. 


BY  ANN  BEDNARZ 


A  wireless  inventory  system  that’s  worked  for  tracking  cattle  is  winning 
converts  in  the  retail  industry  but  its  the  suppliers  who  are  getting 
prodded  to  adopt  radio  frequency  identification. 


Retailers  such  as  Wal-Mart, Target  and  Carrefour  say 
using  RFID  tags  that  can  store  and  communicate  de¬ 
tailed  item  identification  data  will  allow  for  more  accu¬ 
rate  inventory  management,  fewer  out-of-stock  condi¬ 
tions,  and  less  shrinkage,  or  product  loss,  throughout  the 
supply  chain  than  conventional  barcodes. 

This  vision  is  forcing  their  suppliers  to  join  the  RFID 
revolution.  Consumer  packaged  goods  manufactur¬ 
ers  such  as  Gillette  and  Procter  &  Gamble  are  launch¬ 
ing  feasibility  studies,  planning  pilots  and  drafting 
implementation  plans. 

Wal-Mart,  Target  and  Albertsons  have  imposed  dead¬ 
lines  for  their  suppliers  to  begin  shipping  RFID-tagged 
pallets  and  cases.  So  too,  has  the  Department  of  Defense, 
which  is  one  of  the  nation’s  largest  consumer  goods  pur¬ 
chasers.  Wal-Mart ’s  deadline  is  the  most  pressing:  As  of 
January  2005,  Wal-Mart  will  require  its  top  100  suppliers 
to  use  RFID  tags  that  each  contain  a  unique  identifier  — 
called  an  electronic  product  code  (EPC)  —  that  is  refer¬ 
enced  in  corresponding  electronic  transaction  docu¬ 
ments,  such  as  advance  shipping  notices. 

Such  deadlines  add  urgency  to  RFID  rollouts,  which 
are  not  without  complexity  Implementing  RFID  requires 
not  only  investing  in  the  RFID  tags  and  readers,  but  also 
linking  the  readers  to  supply-chain  systems  and  design¬ 
ing  new  processes  that  incorporate  the  collection  and 
dissemination  of  RFID  tag  data. 

As  one  of  Wal-Marts  top  100  suppliers,  Henkel  Con¬ 
sumer  Adhesives  is  directly  affected  by  the  retailers  RFID 
mandate, says  Gene  Obrock.vice  president  of  operations 
at  the  Avon,  Ohio,  manufacturer. 

In  2002,  Henkel  identified  RFID  as  a  system  that  could 
help  improve  internal  efficiency  and  customer  relations. 
“Now  that  the  mandate  has  been  declared,  we  are  glad 
we  had  already  been  researching  this  technology,”  he 
says.The  company  plans  to  have  RFID  active  by  late  this 
year  in  its  three  warehouses. 

The  company  is  rolling  out  Manhattan  Associates’ 
RFID-in-a-Box.  According  to  the  vendor,  the  bundle  starts 
at  $60,000  and  includes  RFID  readers  and  tags  from 
Alien  Technology;  a  limited-license  version  of  Manhattan 
Associates’  Trading  Partner  Management  application  to 
generate  RFID  tags;  professional  services;  and  optional 
EPC  printers  to  print  the  RFID  tags. 

Like  Henkel,  Larson  Manufacturing  Company  already 
is  thinking  about  future  compliance.  Ted  Weinrich,  MIS 
director  at  the  Brooking,  S.D.,  storm  door  maker, says  his 
team  has  begun  to  discuss  and  research  RFID. 

“We  re  not  pushing  on  RFID  at  the  moment,  but  we 
want  to  make  sure  we’re  positioned  properly  when  the 


time  comes,”Weinrich  says.“It’s  not  an  ‘if’  but  a  ‘when.’” 

While  Larson  doesn’t  sell  to  Wal-Mart,  it  does  sell  to 
Lowe’s  and  Home  Depot.  When  those  retailers  make 
technology  decisions,  Larson  needs  to  be  able  to  react 
quickly  Weinrich  says. 

Sensing  a  buying  spree,  vendors  are  rushing  RFID  prod¬ 
ucts  out  the  door.  Software  makers  with  retail  and  ware¬ 
house  management  expertise,  such  as  Manugistics  and 
Manhattan  Associates,  are  unveiling  RFID-enabled  pack¬ 
ages.  ERP  vendors  such  as  Oracle,  PeopleSoft  and  SAP  are 
adding  RFID  capabilities  to  their  suites,  as  are  infrastruc¬ 
ture  software  makers  such  as  IBM,Sun,Tibco  and  web- 
Methods.  Countless  services  firms, systems  integrators 
and  consultants  also  are  launching  RFID  programs. 

Some  vendors  are  going  all  out  to  help  time-pressed 
consumer  goods  manufacturers.Sun,for  example, built  a 
1 7,000-square-foot  warehouse  in  Dallas  that  replicates  a 
Wal-Mart  site.The  warehouse  is  outfitted  with  RFID  read¬ 
ers,  loading-dock  bays  and  a  high-speed  conveyer  belt. 
In  this  pseudo  Wal-Mart  environment,  companies  can 
test  their  RFID  systems  for  compliance  with  Wal-Mart’s 
standards  —  choosing  which  RFID  tags  to  apply  and 
where  to  place  the  tags,  for  example. 

Elusive  payback 

Observers  agree  there’s  plenty  of  potential  for  ROI. 
RFID  systems  are  expected  to  help  boost  retail  and  man¬ 
ufacturing  revenue  by  decreasing  out-of-stock  condi¬ 
tions.  Users  also  expect  to  reduce  product-handling 
costs  by  moving  to  more  automated  processes. 

However,  realizing  that  ROI  is  another  story  Manage¬ 
ment  consulting  firm  AT.  Kearney  reports  that  compa¬ 
nies  can  generate  significant  savings  in  inventory  and 
labor  costs  by  adopting  RFID  technology  but  that  manu¬ 
facturers  will  have  to  spend  a  lot  of  money  upfront  and 
will  see  few  benefits  in  the  short  term. 

Adding  to  the  fuzzy  ROI  picture  is  that  spending  data  is 
hard  to  come  by  Most  companies  that  have  implemented 
the  technology  won’t  share  their  results  because  they 
don’t  want  to  lose  a  competitive  advantage, according  to 
Nigel  Montgomery,  a  director  at  AMR  Research. 

What  spending  figures  are  available  are  often  anec¬ 
dotal.  James  Jackson,  vice  president  of  strategy  and  in¬ 
formation  at  Unilever,  reportedly  told  attendees  at  last 
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*  ( (GvJ ) 3  about  Sun's  RFID  pilot. 

Kk  DocFinder  1622 


month’s  Global  Retail  Technology  Forum  in  Barcelona 
that  the  London  consumer  goods  manufacturer 
spends  between  $1  million  and  $2  million  on  each 
RFID  pilot. 

Spending  on  RFID  pilot  projects  today  runs  about 
90%  services  and  10%  components,  says  Vijay  Sarathy, 
group  marketing  manager  for  Sun  RFID.  One  reason  is 
for  the  high  services  ratio  is  that  much  of  the  effort  is 
by  hand:“Tag  placement  is  such  an  art,  people  have  to 
literally  hand-wire  a  lot  of  these  things,”  Sarathy  says. 
That  model  won’t  hold  up  in  a  broad  enterprise 
deployment. 

Adding  to  the  complexity  is  that  manufacturers  need 
to  integrate  their  homegrown  software  with  retailers’ sys¬ 
tems,  says  Jeff  Richards,  CEO  of  consulting  firm  R4 
Global  Services.  “Until  now,  a  manufacturer’s  software 
environment  was  its  own  and  didn’t  impact  partners. 


CONSUMER  GOODS  MANUFACTURERS: 
AT  A  GLANCE 

IT  allocation:  Process  manufacturing  firms  devote 
1.12%  of  revenue  to  their  IT  operating  budgets  and 
0.4%  of  revenue  to  their  IT  capital  budgets,  according 
to  Gartner  —  significantly  less  than  the  overall 
averages  of  2.84%  and  1.38%,  respectively. 

RFID  spending:  RFID  spending  forthe  U.S.  retail 
supply  chain  will  grow  more  than  tenfold  over  the 
next  four  years,  from  $91.5  million  in  2003  to  nearly 
$1.3  billion  in  2008,  IDC  reports. 

Sector  contributions:The  manufacturing 
industry  contributed  $1.49  trillion  (14.1%)  to  the 
gross  domestic  product  in  2001,  according  to  the 
Bureau  of  Economic  Analysis. 


Now  they  all  have  to  have  systems  talking  to  each  otherf 
Richards  says. 

To  get  the  full  benefits  of  RFID,  manufacturers  must  bal¬ 
ance  the  immediate  need  to  comply  with  RFID  man¬ 
dates  with  longer-term  plans  to  retool  collaborative  busi¬ 
ness  process  around  the  new  technology,  says  Larry 
Kellam,  partner  at  consulting  firm  Kellam  Group  and  a 
35-year  Procter  &  Gamble  veteran. 

“It’s  hard  for  most  people  to  imagine  changing  work 
processes  to  capitalize  on  what  RFID  technology  allows,” 
says  Kellam,  who  led  Procter  &  Gamble  into  its  RFID 
pilots.“But  if  all  we  do  is  think  about  using  EPC  as  a  re¬ 
placement  for  the  barcode,  all  we  will  have  done  is  in¬ 
crease  cost.That’s  a  pretty  bad  trade.” 

For  manufacturers  that  so  far  have  avoided  undertak¬ 
ing  RFID  pilots,  Kellam’s  advice  is  to  dive  in. “Start  using 
the  technology  on  a  limited  scale.  Buy  100  tags  and  a 
reader  and  software.  Immediately  follow  by  beginning  to 
pilot,”  he  says.B 


Your  role  is  expanding. 

As  business  infrastructure  moves  to  the  forefront,  your  company 
relies  on  you  to  keep  existing  systems  at  peak  performance  while 
tackling  a  broad  range  of  new  requirements.  Securing  wireless 
networks,  implementing  collaboration  technologies,  improving 
regulatory  compliance,  ensuring  business  continuity — all  while 
doing  more  with  less. 

Enterprise  challenges  demand 
end-to-end  solutions. 

As  networking  and  communications  professionals,  you  need  to 
focus  on  an  end-to-end,  system-wide  approach  when  building 
and  optimizing  your  business  infrastructure: 

»  Security  »  Performance 

»  Wireless  »  Data  Center  and  Storage 

»  Collaboration  and  VoIP  »  Infrastructure  and  Services 


Pre-register  by  May  8th. 

Go  to  INTEROP.com  for  details  and  registration 

Use  Priority  Code:  ADAVZ2ND 


Put  it  all  together. 

Only  NetWorld+Interop  brings  you  the  latest  strategies,  techniques 
and  products  for  every  point  in  your  infrastructure — and  shows 
you  how  they  can  add  up  to  an  integrated,  end-to-end  solution 
that  meets  every  requirement  on  your  list. 

Make  the  connection  at  NetWorld+Interop. 

For  17  years,  NetWorld+Interop  has  helped  networking 
professionals  take  their  enterprises  and  their  careers  to  the  next 
level.  At  NetWorld+Interop  Las  Vegas  2004,  you'll  make  the 
industry's  best  ideas  and  latest  technologies  relevant  to  your 
needs,  and  discover  that  even  the  toughest  networking  challenge 
is  all  in  a  day's  work. 


NETWORLD 

+INTEROP 

LAS  VEGAS  •  MAY  9-14,  2004 

EXHIBITION:  MAY  11-13,  2004 

A  MediaLive- 

W  INTERNATIONAL 


Copyright  O  2004  MediaLive  International.  Inc.,  795  Folsom  Street.  6th  Floor,  San  Francisco,  CA  94107.  All  Rights  Reserved.  MediaLive  International,  Networld,  Interop,  and  associated  design  marks  and  logos  are  trademarks  or 
service  marks  owned  or  used  under  license  by  MediaLive  International,  Inc.,  and  may  be  registered  in  the  United  States  and  other  countries.  Other  names  mentioned  may  be  trademarks  or  service  marks  of  their  respective  owners 
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Raritan's  Dominion™  KX  Better  KVM  Over  IP 


As  your  company  grows  and  you're  responsible  for  more  and  more  networking  hardware,  you  have  two  options: 
Get  a  super-scalable  KVM  solution  now,  or  rip  and  replace  later.  Luckily,  the  new  Dominion  KX  lets  you  access, 
diagnose  and  monitor  hundreds,  even  thousands  of  servers  in  any  location  in  the  world  via  KVM  (Keyboard, 
Video,  Mouse)  without  ever  leaving  your  chair. 

With  Raritan's  19  years  of  innovation  in  the  Data  Center,  you  now  have  the  newest  and  most  dependable  choice 
for  an  integrated  KVM  over  IP  switch.  Dominion  KX  is  a  plug-and-play  appliance.  It's  incredibly  scalable,  as  you 
can  see,  delivering  dependable  performance  no  matter  how  big  your  company  gets.  And  by  encrypting  all  KVM 
data,  including  video,  Dominion  KX  provides  the  industry's  most  secure  KVM  over  IP  technology.  It's  the  KVM 
over  IP  solution  that  beats  the  other  options  again  and  again  and  again. 


Schedule  your  on-line  test-drive  today,  by  calling  1-800-724-8090  x927 
or  by  visiting  us  at  www.raritan.com/927 


Command 


The  KX  Digital  KVM  Switch 
is  one  part  of 

RARITAN'S  DOMINION  SERIES 

The  complete  Data  Center 
Management  Solution 


Dominion 


Dominion 


Dominion 


When  you’re  ready  to  take  control. 


www.nwfusion.com 
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Instilling  IT  governance 


CAREER  DEVELOPMENT 
PROJECT  MANAGEMENT 
BUSINESS  JUSTIFICATION 


I  BY  LINDA  LEUNG 


Determine  what  arrangement  of  decision  rights  and  accountability  works  well  for  your  organization. 


Corporate  governance  is  transforming  boardrooms  across  America, 
and  it  also  has  a  place  in  the  data  center.  Gartner  and  the  Massachusetts 
Institute  of  Technology  Sloan  Center  for  Information  Systems  Research 
together  define  IT  governance  as  the  decision  rights  and  accountabili¬ 
ties  that  encourage  desirable  behavior  in  the  use  of  IT. 

To  establish  effective  IT  governance, you  need  to  get  a  handle  on  your 


company’s  personality  and  set  up  the  most  appropriate  decision-making 
processes  between  IT  and  business  managers. 

According  to  Gartner,  there  are  three  types  of  business  orientations: 
synergistic,  agile  and  autonomous.  Knowing  which  one  your  company 
most  identifies  with  is  the  first  step  to  understanding  what  processes  to 
implement. 


Take  the  test 


Use  Gartner's  quiz  to  determine  your  firm's  business  orientation 

1  ■  Your  company  predominately  aims  for  business  processes 
that  are: 

(a)  Integrated  and  standard  across  all  business  units. 

(b)  Modular,  adaptable  and  able  to  be  combined  easily  for  new 
business  initiatives. 

(c)  Distinct  to  business  units  for  local  decision  responsiveness. 

2.  Your  company  predominately  aims  for  coordination  to 
achieve: 

(a)  Mandated  synergies,  minimized  duplication  and  top- 
down  innovation. 

(b)  Front-line  decision-making  to  enable  rapid  changes 
and  recombination  of  assets. 

(c)  Innovative  capacity,  primarily  at  the  business-unit  level. 


3.  Your  enterprise  predominantly  aims  for  management  systems  in  which: 

(a)  Business  units  focus  on  business  unit  and  enterprisewide  strategies,  follow¬ 
ing  centrally  defined  and  coordinated  synergies. 

(b)  Business  units  adapt  to  local  conditions  according  to  an  enterprise-wide 
organizing  logic. 

(c)  Few  mandated  processes  exist,  and  these  are  focused  on  financial  and 
risk  management. 

If  your  answers  were  mostly  (a),  your  company  is  synergistic.  A  good  example  would  be  a 
bank  that  provides  integrated  financial  services  to  customers,  with  technology  pulling  mul¬ 
tiple  product  offerings  together.  Departments  need  to  be  tightly  integrated  to  present  a 
single  face  to  the  customer. 

If  your  answers  were  mostly  (b),  your  company  is  agile.  Examples  could  be  entertain¬ 
ment  firms  or  manufacturers,  where  the  focus  is  on  speedy  decision-making  and  the 
ability  to  coordinate  the  efforts  of  the  all  the  business  units. 

If  your  answers  were  mostly  (c),  your  company  is  autonomous.  Although  owned  by  the 
same  company,  each  decentralized  business  unit  makes  its  own  decisions.  Often, 
each  unit  is  served  by  its  own  IT,  human  resources  and  finance  functions. 


Learn  about  governance  styles 

Once  you've  identified  your  company’s  business  orien¬ 
tation,  it's  time  to  understand  the  six  different  IT  gov¬ 
ernance  styles  —  that  is,  the  processes  in  which  IT 

decisions  are  made. 

■  Business  monarchy:  The  executive  leadership  —  usually 
a  council  of  IT  and  business  chiefs  —  has  the  decision 
rights  governing  IT  investment  and  prioritization. 

■  IT  monarchy:  The  CIO  (and  business-unit  CIOs,  if  applica¬ 
ble)  has  decision  rights  to  IT  architecture  and  infrastruc¬ 
ture  strategies. 

■  Feudal:  Business-unit  heads  or  their  delegates  have  the 
decision  rights,  and  authority  could  be  localized. 

■  Federal:  Corporate  executives  and  at  least  one  business 
group  (which  could  be  IT)  share  governance  rights. 

■  Duopoly:  Rights  are  shared  between  two  groups,  which 
could  be  IT  and  the  business  units,  perhaps  with  a  series 
of  bilateral  relationships  with  multiple  business  units. 
Alternatively,  the  two  groups  could  be  IT  and  a  team  of 
corporate  executives. 

■  Anarchy:  Individual  owners  or  end  users  have  decision 
rights.  Decisions  are  made  locally  and  on  an  ad  hoc 
basis. 


Consider  the  choices 


The  synergistic  company:  These  tightly  focused  companies 
are  best  supported  by  a  top-down  technology  mandate  from 
an  IT  monarchy,  says  Marianne  Broadbent,  a  Gartner 
research  fellow. “The  IT  group  works  with  corporate-level 
executives  to  set  IT  principles  across  the  whole  enterprise.” 

The  business  monarchy  and  duopoly  decision-making  styles  are 
also  applicable,  Broadbent  says.  Such  decision  processes  let  syner¬ 
gistic  companies  maximize  economies  of  scale  and  reduce  duplication. 

The  autonomous  company:  The  opposite  of  synergistic  firms,  autonomous 
corporations  focus  on  the  front  lines  rather  than  the  data  center.  IT  leaders 
usually  work  one-on-one  with  individual  business  unit  leaders.The  federal 
and  feudal  styles  work  well  with  these  organizations,  according  to  Gartner. 

Under  a  federal  model,  the  corporate  and  business  units  set  principles  of 
how  IT  will  be  used,  but  emphasize  business  unit  autonomy  A  feudal  style 
would  let  business  units  make  decisions  on  business  applications,  IT 
investment  and  prioritization,  while  the  central  IT  group  is  responsible  for 
IT  infrastructure. 

The  agile  company:  /Agile  companies  need  to  move  quickly  particu¬ 
larly  at  the  local  business-unit  level.  However,  everyone  in  the  compa¬ 
ny  needs  to  understand  the  ground  rules  before  they  can  be  let 
loose.  At  all  levels,  roles  and  responsibilities  should  be  clearly 
defined.  Gartner  says  business  monarchies  typically  set  principles 
at  agile  companies,  while  the  duopoly  decision-making  styie 
works  well  for  IT  architecture, investment  and  prioritization.® 
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www.bi^uptime.cam 


Ybur  One-Stop  Shop  for  high  availability  solutions 


BuyUptime.com  is  a  leading  supplier  in  end-to-end  UPS  power, 
thermal  cooling,  and  management  solutions.  Shop  us  online  to 
find  the  right  networking  solutions  for  your  application  needs. 


Portable  Air  Conditioning  Solutions  for  Network  Applications! 


WPS 

Power  Distribution 
Rack  Systems 
Mobile  Computing 


Surge  Protection  and 
Power  Conditioning 


(^Cooling 


Solutions 


> 


Broadband  Power 
Systems 

Connectivity  Solutions 
Battery  Systems 
Services 

InfraStruXure  System 
Management 


Hardware  Security 
Devices 


NetworkAIR “  1000 


The  NetworkAIR1”  1000  is  a 
portable  and  compact  air  condi¬ 
tioner,  perfect  for  spot  cooling 
small  server  closets,  conference 
rooms  or  home  offices. 


AP7003 


Features: 

•  Provides  1.6kW  cooling 

•  Features  electronic  control 
panel  with  LCD  display 

•  Automatic  turn-on/ 
shut-off  timer 

•  Oscillating  automatic  swing 
louvers  for  even  air  distribution 
in  the  room 


Sale  Price 


Save! 


$799.49  15% 


A  compact,  self-contained  air 
conditioner  for  localized  cooling 
of  application  hot  spots.  The 
NetworkAIR”  PA  4000  is  a  great 
choice  for  cooling  small  to  medium¬ 
sized  wiring  closets  and  computer 
rooms. 


NetworkAIR ™  PA4000 


Features: 

•  Provides  up  to  4kW  of  cooling 

•  Dual-ducted  condensing  provides 
more  efficient  cooling 

•  LCD  display  for  local  manage¬ 
ment  and  scheduling 

•  Automatic  restart  feature  returns 
the  unit  to  its  last  operating  status 
in  the  event  of  a  power  failure 


ACPA4000 
Sale  Price 

$2999.49 


Save! 

-15% 


Order  via  our 

promo  page  Visit  http://promOebuyuptime.com 

and  save!  and  enter  key  code  q286y 


Or  Call  Toll  Free: 
888-288-8843  to  order. 


Fax:(877)411-2080  •  e-mail:  sales@buyuptime.com 
801  Corporate  Centre  Drive,  St.  Charles,  MO  63304  •  BY1A4EP-US 
©2004  Systems  Enhancement  Corp.  All  Trademarks  are  the 
property  of  their  owners. 
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Your  key  to  console  access 
and  management. 


AVWorks®  management  software  and 
the  CCM  console  manager  integrate 
with  Avocent  KVM  over  IP  switches 
and  intelligent  power  controllers  to 
offer  total  data  center  management 
from  a  single  application. 
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Download  your  free  guide! 

8  Key  Reasons  Why  Administrators 
Rely  on  Console  Port  Management 
Solutions  at  www.equinox.com/ccm4 


Anywhere,  Anytime  Secure 
Console  Port  Management 


When  business  critical  servers  or  networks 
malfunction,  the  Equinox  CCM  console 
manager  gives  you  the  tools  to  securely 
and  quickly  restore  normal  functionality. 


Devices  in  Rack 


Available  in  8  and 
16-port  models. 

Call  for  more  details 
on  48-port  model. 


Console  management 
solutions  include: 


With  the  CCM  console 
manager  you  can: 


SSH  v2/Telnet  host 
Strong  authentication 
Offline  buffering 
SUN  break  safe 
In/out  of  band  access 
Point  and  click  access 


Be  organized 
Tighten  security 
Manage  users 
Establish  permissions 
Be  proactive 
Log  critical  events 


AVWorks 
Software  atent 


For  a  30-day  product  evaluation,  call  1-800-275-3500  ext  247  or  954-746-9000  ext.  247 


EQUINOX 


an  Avocent  Company 


©  2004  Avocent  Corporation.  Equinox  and  AVWorks  are  trademarks  or  registered  trademarks  of  Avocent  Corporation  or  its  affiliates.  Ail  other  marks  are  the  property  of  their  respective  owners. 
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Fingerprint  Authentication  Scanner  Enterprise  KVM  Solutions 

AlterPath™Bio  AlterPatfTKVM 


Advanced  Console  Servers 

AlterPath™ACS 


Network  Management  Gateway  Intelligent  Power  Distribution  Units 

AlterPath™  Manager  AlterPath,MPM 


Cyclades'  data  center  management  solutions  offer  a  full  range 
of  security  features  across  its  entire  product  line  of  console  servers, 
power  management,  KVM,  biometric  scanner  and  network  management 
With  SSH  v2,  IP  Filtering,  strong  authentication,  event  logging  and 
data  logging,  Cyclades  can  make  your  network  into  a  secure 
heavyweight  contender  in  the  data  center  world. 


For  a  FREE  white  paper  on  data  center  security,  please  visit  us  at  www.cyclades.com/securitywp 
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www.cyclades.com/nw 

1.888.cyclactes  •  1.888.292.5233  .  sales@cyctades.com 


cyclades 

Everywhere  with  Linux 


©2004  Cyclades  Corporation  All  rights  reserved.  All  other  trademarks  and  product  images  ore  property  of  their  respective  owners.  Product  information  subject  to  change  without  notice. 
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Custom  Management  Levels 


Test-drive  the  new  Observer  9  today  and  see  how  it  immediately 
finds  problems  you  didn’t  know  you  had,  optimizes  network  traffic 
and  provides  insight  for  future  planning.  Call  800-526-5958  for 
a  full  featured  evaluation  or  visit  our  website  at 

www.networkinstruments.com/nine 


OBSERVER 

•  Decode  over  500  protocols 


Remote  &  Hardware  Options 


•  Long-term  network  trending  &  analysis 

*  Real-time  statistics 

-.  ..  *  ,.  I  y  r-  •  iV^i1 


REMOTE  NETWORKING  PROBES 


Fully  distributed 

Monitor  up  to  64  NICs  simultaneously 
New  levels  of  problem  solving  collaboration 


EXPERT  OBSERVER 

•  What-lf  Modeling  Analysis 

•  Expert  Analysis 

•  Connection  Dynamics 


Introducing  Observer  9 


GIGABIT  &  WAN  HARDWARE  OPTIONS 


New  Application  Analysis 

Remote  probes  now  provide  multi-interface  and 

multi-session  support 

Industry-first  4GB  packet  capture  buffer 

Wireless  Site  Survey  Modes 

Nanosecond  resolution 

Now  over  450  Expert  Events 

SNMP,  RMON  and  now  HCRMON  support 


Portable  analyzer  systems 
Rack-mount  Probes  ready  to  go 
Direct,  passive  link  for  independent  views 


OBSERVER  SUITE 


•  Complete  SNMP  device  management 

•  Supports  full  RM0N1 ,  RM0N2.  HCRMON 

•  Web  Publishing  Reports 


US  &  Canada  Toll  free:  (800)  526-5958  •  Fax:  (952)  932-9545  •  UK  &  Europe:  +44  (0)  1959  569880 


NETWORK 

INSTRUMENTS 


One  Network  Complete  Control  Wired  to  Wireless  •  LAN  to  WAN 


OBSERVER 


OBSERVER 


www.networkinstruments.com/nine 


©  2004  Network  Instruments,  LLC.  All  rights  reserved.  Observer,  Network  Instruments  and  the 
Network  Instruments  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 


Yes,  you  can  Switch 
Power  over  the  Internet... 


Servers,  routers,  and  other  electronic  equipment  sometimes 
“lock-up,”  often  requiring  a  service  call  to  a  remote  site  just  to  flip 
the  power  switch  to  perform  a  simple  reboot... 

The  NBB  “Mini”  Boot  Bar  Power  Switch,  gives  you  the  ability  to 
perform  this  function  from  anywhere! 

m  Web  Browser  Access  for  Easy  Operation 
si  Teinet  and  Serial  Access 
tl  Encrypted  Password  Security 
wt  Five  Individual  Outlets 
S  Power-up  Sequencing 
US  On  /  Off  /  Reboot  Switching 
m  Versatile  Zero  U  Mounting 


3  WT  I  Network  Boot  Bdi 
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m 

[LDtQfel 

NETWORK  BOOT  BAR 

LOCATION:  NBB  Live  Demo  Unit 

SWTTCH  PANEL 

Firmware  Version:  1.01 

Plug  Name 

Status 

On 

Off 

Boot 

1  Server_l 
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2  Server_2 

jsl) 

r 

r 

r 

3  Hub 
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4  Router 

HB 
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5  Modem 

fSM 
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Pfcigs 

Setup  |  LogCW  | 

Rslrosh  | 

Apply  | 

Ceeci  | 

WWW.  wti.  com  (800)  854-7226 
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Storage  Solutions 


■■■■. 


►  NAS  -  Network  Attached  Storage  (Embedded)  ►  DAS  -  Direct  Attached  Storage*  ►  SAN  -  (FC-SATA,  FC-FC) 

■  . . 

Storage  technology  protocols  Key  differences  among  competition: 

►  7x24  global  support 

►  Online  and  real-time  depot  parts  express 

►  Channel  program  to  enhance  Xtore’s  business  partners  profitability  (XVP) 

►  Highly  compatible  solution  with  certified  third  party  partners 


►  ATA 

►  SATA 

►  SCSI 

►  FIBRE 


►  Visit  our  website 

www.xtore-es.com 

“Direct  Attached  Storage  (ATA,  SCSI,  SATA.FC) 


US  Headquarters  :  17959  E.  Ajax  Circle  /  City  of  Industry, CA  91 748 

Phone:  (626)  581-7015  /  Fax:  (626)  581-7065  /  E-mail:  sales@xtore-es.com 

©  Copyright  2004  •  All  rights  reserved  to  Xtore  Extreme  Storage,  Inc.  Concept  and  Design  by  Bluesky133.com 


NetworkWorld 

THE  HUB  OF  THE  NETWORK  BUY 


f  * 

1  * 


instantly  Search 
Gigabytes  of  Text 
Across  a  PC,  Network,  Intranet  or  Internet 


Publish  Large  Document  Collections  to  the  Web  or  to  CD/DVD 


4  over  two  dozen  indexed,  unindexed,  fielded  &  full-text  search  options 

*  highlights  hits  in  HTML,  XML.  &  PDF  while  displaying  embedded  links,  formatting  &  [ 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email,  ZIP,  Unicode,  etc.) 
to  HTML  for  display  with  highlighted  hits 


images 


“The  most  powerful  document  search 
tool  on  the  market”  -Wired  Magazine 

“Intuitive  and  austere  ...  a  superb 
search  tool”  -PC  World 

“Blindingly  fast”  -Computer  Forensics: 
Incident  Response  Essentials 

“A  powerful  arsenal  of  search  tools” 
-The  New  York  Times 

diSearch  “covers  all  data  sources ...  j 
powerful  Web-based  engines”  -eWEEK j 

“Searches  at  blazing  speeds” 

-Computer  Reseller  News  Test  Center 

In  the  past  two  years,  over  half  of  the 
Fortune  15  purchased  dtSearch 
developer  or  network  licenses. 

See  www.dtsearch.com  for: 

♦  hundreds  of  developer  case  studies  &  reviews 

♦  fully-functional  evaluations 

1  -800-IT-FINDS 

sales@dtsearch.com 


jvJIdtSearchj 


"Industrial-strength  ... 

I  superb’-PC  Magazine 

♦  from  $2,500 

The  Smart  Choice  for  Text  Retrieval®  since  1991 


Attention  Resellers! 


SECUREMATICS 

The  Right  decision  for  Security  Products 

Best  Source  for  SONICWAlC 
Security  Products! 

LIMITED  TIME  OFFER! 

•  Earn  1  FREE  SonicU  e*Training 
Class  for  every  $15K  In  SonlcWALL 
purchases  from  Securematlcs." 

•  New  SonlcWALL  Resellers  will  receive  1  FREE 
SonicU  Electronic  Training  Course  with  purchase 
of  any  Demo  Unit 


Securematics  is  a  SonicWALL  Authorized  Distributor  &  Training  Partner 
To  sign  up  for  the  Medallion  Partner  Program,  please  contact  us. 

Call  -  888-746-6700  sales@securematics.com  www.securematics.com 


WWW.SU1TCASE.COM 


Luggage,  Fine  Leather  Goods,  Gifts,  and  more! 

Tumi,  Hartmann,  Andiamo,  Samsonite,  Cross 

10%  discount  for  Network  World  readers 
Enter  code  NWW2004 


For  toore  Information 
on  advertising  In 
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UltraMatrix  Remote 

REMOTE  MULTIPLE  USER 
KVM  MATRIX  SWITCH 
ACCESS  OVER  IP  OR  LOCALLY 


UltraConsole 

PROFESSIONAL  SINGLE-USER 
KVM  SWITCH  SUPPORTS  UP 
TO  1000  COMPUTERS 


Connects  1,000  computers  to  multiple  user  stations 
over  IP  or  locally 

High  quality  video  up  to  1280  x  1024 
Scaling,  scrolling,  and  auto-size  features 
Secure  encrypted  operation  with  login  and  computer 
access  control 

Advanced  visual  interface  (AVI) 

No  need  to  power  down  servers  to  install 
Free  lifetime  upgrade  of  firmware 
Available  in  several  models 
Easy  to  expand 


•  Connects  up  to  1000  computers  to  a  KVM  station 

•  Models  for  4,  8,16  computers 

•  Advanced  visual  interface  (AVI) 

•  Compatible  with  Windows,  Linux,  Solaris,  and  other  O/S 

•  Connects  to  PS/2,  Sun,  USB,  or  serial  devices 

•  Converts  RS232  serial  to  VGA  and  PS/2  keyboard 

•  Free  lifetime  upgrade  of  firmware 

•  Security  features  prevent  unauthorized  access 

•  Full  emulation  of  keyboard  and  mouse  functions  for  automatic, 
simultaneous  booting 

•  Easy  to  expand  _  _ 


RackView™ 

KVM  RACK  DRAWER  WITH  KVM  SWITCH  OPTION 


800  333  9343 

WWW.ROSE.COM 


ELECTRONICS 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


A  KVM  switch  allows  single  or  multiple 
workstations  to  have  local  or  remote  access  to 
multiple  computers  located  in  server  rooms  or 
on  the  desktop  regardless  of  their  platforms 
and  operating  systems.  KVM  switches  have 
traditionally  provided  cost  savings  in  reducing 
energy  and  equipment  costs  while  freeing  up 
valuable  real  estate. 


Recognized  as  the  pioneer  of  KVM  switch 
technology.  Rose  Electronics  offers  the 
industry's  most  comprehensive  range  of 
server  management  products  such  as  KVM 
switches,  extenders  and  remote  access 
solutions.  Rose  Electronics  products  are 
known  for  their  quality,  scalability,  ease  of  use 
and  innovative  technology. 


Rose  Electronics  is  privately  held  with  world- 
headquarters  in  Houston,  Texas  and  sells  its 
products  worldwide  through  a  large  network  of 
Resellers  and  Distributors.  Rose  has 
operations  in  the  United  Kingdom,  Spain, 
Germany,  Benelux,  Singapore  and  Australia. 


Rose  Electronics 
10707  Standiff  Road 
Houston,  Texas  77099 


ROSE  US  +281  933  7673 

ROSE  EUROPE  +  44  (0)  1 264  850574 

ROSE  ASIA  +65  6324  2322 

ROSE  AUSTRALIA  +617  3388  1540 
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Power  Control 


What's  Your 
r~TB  Current’  Load? 

Verify  Amps  Used  per  Circuit 
with  Sentry  Input  Current  Monitor 

•  Precisely  measure  the  current,  in  amps, 
for  each  power  circuit 

•  Prevent  overloads  on  existing  power  circuits 

•  Reduce  costs  for  additional  power  circuits 

•  Overcurrent  alarms 

•  Remote  Measurement  via  IP  or  RS-232 

•  Local  Measurement  via  digital  display 

Sentry  Power  Tower.  Equipment  Cabinet  Solutions. 


Server  Technology,  Inc. 


1040  Sandhill  Drive  Reno,  Nevada  89511  USA 
web:  www.servertech.com  toll  free:  1.800.835.1515 


- ■ 


Stop  juggling  with 
multiple  management  tools 

/  w 

x  $£) 


*4  Keep  IT  simple 


ManageEngine ' 

Ifl^  OpManager 

Network,  Systems  and  Application  Management 


Take  control  of  your  network,  systems  and  application 
infrastructure  before  it  controls  you.  OpManager  provides 
integrated  management  for  IT  infrastructure. 

Move  to  integrated  management.  Try  OpManager  today. 

Available  for  Linux,  Solaris  and  Windows 


Exct 


ceUe nee  Matter* 


it  careers.com 


it  careers 


Advertising  Supplement 


Talk  to  any  senior  business  leader  across  the 
United  States,  and  it  takes  little  time  to  get 
around  to  a  major  concern  -  having  enough 
technology  workers  for  the  future.  It's  a  hard 
message  to  sell  after  three  steady  years  of  layoffs 
and  off-shoring  of  work  in  the  technology  sector. 
The  concern  is  real,  however,  as  other  countries 
boast  of  growing  numbers  of  engineering  and 
technology  workers  -  workers  who  may  create 
the  next  great  breakthrough.  Add  to  the 
competitive  concern  the  recent  uptick  in  hiring. 
Companies  such  as  Lockheed  Martin  have 
announced  plans  to  hire  up  to  60,000  new 
workers  in  this  decade,  in  large  part  due  to 


IT  Careers  and  Diversity 


retirements  but  also  to  fill  the  need  for  advanced 
technology  workers. 

The  competitive  issue  is  real,  too.  China 
graduated  more  than  300,000  engineers  in  2003; 
India  had  more  than  200,000.  Here  in  the  United 
States,  the  number  of  engineering  graduates  was 
slightly  over  78,000. 

It's  one  of  the  many  reasons  that  the  Information 
Technology  Association  of  America,  the  National 
Action  Council  for  Minorities  in  Engineering,  and 
the  Commission  on  Professionals  in  Science  and 
Technology  -  along  with  individuals  such  as 
Tyrone  Taborn,  founder  of  Career  Communications, 


and  companies  such  as  IBM  -  continue  to  pound 
home  the  message:  technology  careers  need  to 
appeal  to  a  broader  range  of  society;  we  need 
more  young  people  of  color  and  who  are  female 
to  seek  tech  careers. 

Jim  Sinocchi,  spokesman  for  IBM's  diversity 
initiative,  said  this  year’s  Black  Family  Technology 
Week  (founded  by  Taborn)  and  La  Familia 
Technology  Week  scheduled  for  October  2004, 
continue  to  develop  and  reach  out  to  more  and 
more  communities.  The  focus  is  on  hands-on 
experience  with  technology.  "The  celebrities  of 
science  and  technology  are  telling  the  story," 
Sinocchi  explained. 


Top  10  Producers  of  2001  African  American  BS  Engineers 


Institution 
North  Carolina  A&T 
Georgia  Institute  of  Technology 
Tennessee  State  University 
Florida  A&M 
Morgan  State  University 
Southern  University 
Prairie  View  A&M 
Tuskegee  University 
North  Carolina  State-Raleigh 
University  of  Michigan 
Top  1 0  Producers  of  ~ 
Institution 
Mass  Inst  of  Technology 
New  Mexico  State  University 
Oklahoma  State  University 
University  of  Oklahoma 
University  of  New  Mexico 
University  of  Washington 
Worcester  Poly  Institute 


#  of  Grads 
166 
112 
97 
93 
88 
79 
73 
71 
64 
63 

2001  American  Indian  BS  Engineers 

#  of  Grads 


11 

10 

10 

8 

7 

7 

7 

6 


University  of  Michigan 

Tie  for  9:  Arizona  State,  Northern  Arizona, Old  Dominion, 

San  Diego  State,  University  of  Alabama-Huntsville, 

University  of  Florida,  Washington  State  University  5 

Source:  National  Action  Council  for  Minorities  in  Engineering 


Top  10  Producers  of  2001  Women  BS  Engineers 
Institution  #  of  Grads 

Georgia  Institute  of  Technology  330 

University  of  Michigan  309 

Penn  State  249 

University  of  Puerto  Rico  222 

University  of  California/Berkeley  218 

Texas  A&M  215 

Purdue  University  210 

Mass  Institute  of  Technology  207 

University  of  Illinois-Urbana  183 

Cornell  University  182 

Top  10  Producers  of  2001  Latino  BS  Engineers 
Institution  #  of  Grads 

University  of  Puerto  Rico  695 

Poly  Univ  of  Puerto  Rico  311 

University  of  Texas-EI  Paso  137 

Florida  International  University  118 

Texas  A&M  University  95 

University  of  Texas-Austin  88 

University  of  Florida  86 

Cal  Poly  Pomona  82 

Texas  A&M-Kingsville  65 

New  Jersey  Institute  of  Technology  64 


This  year's  Black  Family  Technology  Week  in 
February  showed  applications  of  technology  in 
everything  from  music  to  movie  production. 
During  La  Familia  Technology  Week  last  fall, 
Miyeara  Major  highlighted  her  use  of  computer 
data  in  identifying  a  previously  undiscovered 
primate.  It  didn't  hurt  that  Major  could  tell  her 
story  of  transition  -  from  professional  football 
cheerleader  to  scientist.  "There  is  not  a  metric  on 
how  well  we  succeed  with  young  people," 
Sinocchi  added.  "You  can  only  listen  to  how 
many  questions  they  ask  and  the  'wow'  factor." 

While  appealing  to  young  people  involves 
showing  how  technology  leads  to  careers  and 
role  models,  it  also  means  showing  them  the 
schools  that  attract  and  retain  diverse  students. 
While  these  colleges  are  heavily  weighted  by 
geography  and  membership  in  Historically  Black 
Colleges  &  Universities,  another  option  is 
emerging  -  eArmyU.  The  U.S.  Army's  distance 
education  programs  offers  coursework  to 
enlisted  soldiers,  many  of  whom  are  minorities. 
eArmyU  expects  to  serve  80,000  soldiers  over  the 
next  five  years. 


For  more  information  about  IT  Careers  advertising, 

please  contact;  Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 
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Available. 


Earn  your  degree  -  online! 

Use  your  IT  experience  or  certification  toward  the  completion  of  your  degree. 

Flexible  programs  for  busy  adults: 

BS  Computer  Information  Systems 
BS  Information  Technology  -  Network  Management* 

BS  Information  Technology  -  Project  Management* 

BS  Information  Technology  -  Security* 

BS  Information  Technology  -  Software  Development* 

BS  Business  -  IT  Management 
AS  Information  Technology 

*  Your  certification  may  waive  some  degree  requirements. 

Online.  Accelerated.  Affordable.  Accredited 


Federal  financial  aid  available 


Regionally  accredited 


wvsrvsf.wgu.edu /IT  1-866-225-5948 


JAVA  PORTAL  DEVELOPER  / 
TECHNICAL  LEAD  -  A  company 
with  an  office  in  Andover,  Massa¬ 
chusetts,  engaged  in  investment 
management  for  retail  and  insti¬ 
tutional  clients,  has  a  immediate 
need  for  a  highly  skilled  Java 
Portal  Developer  /  Technical 
Lead.  This  experience-intensive, 
hands-on  technical  lead  /  men¬ 
toring  programmer  position  is  re¬ 
sponsible  for  creating,  maintain¬ 
ing  and  documenting  large-scale 
E-commerce  portals  based  on 
converted-into-Java  NetDynam- 
ics™  code,  and  containing  multi¬ 
ple  form-based  applications:  the 
position  is  also  responsible  for 
the  development  of  Epicentric 
modules,  J2EE  java,  and  SOAP- 
based  systems.  The  position 
also  involves  24-hour  /  7-day  on- 
call  availability.  The  position's 
duties  include  the  rapid  develop¬ 
ment  and  deployment  of  large- 
scale  E-commerce  prototypes 
containing  Adobe  Acrobat™ 
SDK-developed  components, 
and  working  models  custom 
developed  for  the  financial  ser¬ 
vices  industry;  the  creation  of 
web  sites  using  Epicentric's 
Foundation  Server'"  and  devel¬ 
opment  of  custom  modules;  the 
utilization  of  the  SUNONE™  Ap¬ 
plication  Framework  to  develop 
Java  code,  and  to  conduct  per¬ 
formance  optimization  using 
automated  testing  tools;  the  cre¬ 
ation  of  web  services  using 
Simple  Object  Access  Protocol 
("SOAP"):  and  the  production  of 
high  quality  design  documenta¬ 
tion  and  user  manuals.  Minimum 
education  required  is  Bachelor's 
degree  in  MIS,  CS,  or  Math.  Min¬ 
imum  experience  required  is  at 
least  8  years  post-degree  busi¬ 
ness  applications  programming 
experience,  at  least  4  years  of 
which  specifically  involved  Java 
and  NetDynamics™.  Base  salary 
is  $  82,500  per  year.  Benefits  in¬ 
clude  fifteen  days  paid  vacation, 
contributory  medical,  dental,  dis¬ 
ability.  life  insurance,  and  other 
industry-competitive  benefits. 
Qualified  applicants  respond  with 
two  (2)  copies  of  resume  only  to: 
Case  #  200203977,  Labor 

Exchange  Office.  19  Staniford 
Street,  1st  Floor,  Boston,  MA 
02114.  An  EOE/MFHV. 


Web  Developer  to  design  devel¬ 
op,  and  modify  client/server  and 
web-based  software  on  a  distrib¬ 
uted  architecture  to  develop  fully 
interactive  web-based  e-learn¬ 
ing  applications  including  multi¬ 
ple  media  development  using 
XML/XSL,  HTML  (cross-browser 
development),  JavaScript, 
Dreamweaver,  Flash,  Java, 
mySQL,  SQL,  JSP.  ASP.  and 
NET.  Builds  new  functions  and 
features  on  the  website  to 
improve  the  effectiveness  of 
websites  for  business,  con¬ 
sumer,  and  internal  users  using 
Java  and  JSP.  Analyzes  require¬ 
ments,  creates  specifications, 
and  develops  horizontal  and  ver¬ 
tical  software  applications  on 
Microsoft  Windows  platform. 
Develops,  enhances,  maintains 
and  supports  users  with  intranet 
applications.  Requires  Bachel¬ 
or's  Degree  in  Computer  Sci¬ 
ence,  Information  Systems,  or 
Information  Systems  Manage¬ 
ment  and  one  year  direct  experi¬ 
ence.  Send  resumes  only,  no 
calls,  to:  Traci  Knudson,  CFO, 
NogginLabs,  Inc.  4619  N. 
Ravenswood,  Ste  303.  Chicago, 
IL  60640. 


Systems  Analysts  (ERP/ 
Financials):  Analyze,  design  & 
administer  enterprise  apps.  and 
systems  including  financials/ 
transport  Admin./Mgmt.  in 
Lawson  Apps.  (Financials/ 
Admin.),  Oracle,  SQL  Server, 
Unix,  AS400,  COBOL,  VB.  For 
complete  job  description  or  to 
apply,  send  resume/contact 
HR/IT-SA,  URSI,  10701 
Middlebelt  Road,  Romulus,  Ml 
48174.  No  phone  calls  please. 
Principals  only.  EOE. 


Company  seeks  Sr.  Software 
Eng.  for  design  and  development 
of  object-oriented,  distributed  ob¬ 
ject,  and  component-based  and 
web-based  systems  including 
multi-tier  architectures.  The  Sr. 
Software  Eng.  utilizes  relational 
d-base,  ORACLE  under  Win¬ 
dows  NT/2000  and  UNIX  (Sun 
Solaris.  HPUX)  to  dev.  s/w  in 
XML  &  Enterprise  Java  (incl. 
JSP.  EJB,  JMS,  &  Servlets  com¬ 
ponents).  Application  servers 
utilized  incl.  Webshop  &  Weblog- 
ic.  Object-oriented  systems  uti¬ 
lized  include  UML,  Rational 
Rose,  and  Visual  Cafe.  Salary  is 
$75000/yr.  f-t  (40  hrs/wk).  Min 
Req:  Bach,  or  foreign  degree 
equivalent  in  Computer  Eng., 
Eng.  or  related  +  2  years  exp.  in 
S/w  Devlpmnt  using  OFtACLE 
under  Windows  NT  and  Unix 
(Sun  Solaris.  HP  UX)  platforms 
in  app.  domains  as  follows: 
Enterprise  Java  (incl.  JSP,  EJB, 
JMS  and  Servlets),  XML,  and 
Object-oriented  systems  incl. 
UML,  Rational  Rose,  and  Visual 
Cafe.  PI.  submit  two  (2)  resum¬ 
es  to:  Case  #200204180  Division 
of  Career  Services  Labor  Certi¬ 
fication  Unit,  19  Staniford  St..  1st 
fl„  Boston,  MA  02114. 


SQL  Server  Specialist,  Hunters¬ 
ville,  NC,  InterCerve,  Inc.  Man¬ 
age  database  admin,  services 
for  InterCerve's  managed  host¬ 
ing  operations  and  lead  the  sup¬ 
port  and  implementation  ser¬ 
vices  for  a  premier  SQL  Server 
tool.  Reqs.  BA  in  Comp.  Science 
&  4  yrs.  exp /  The  4  yrs  must  incl. 
work  w/  SQL  Server  Admin, 
product  dvlp.  cycles  &  process¬ 
es,  Windows  networking,  Win¬ 
dows  2000/2003,  Active  Direc¬ 
tory,  Microsoft  appl.  dvlp.  Exp. 
and  NET.  3  yrs  of  exp.  must  incl. 
work  w /  T-SQL,  DTS,  BCP,  repli¬ 
cation,  clustering,  log  shipping  & 
writing  &  executing  software  ac¬ 
ceptance  tests.  M-F,  8-5,  Send 
resume  to  Human  Resources, 
InterCerve.  Inc.,  16415  D. 
Northcross  Drive.  Huntersville. 
NC  28078.  No  phone  calls. 
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Life  at  Lilly 


real  people  doing  extraordinary  things 


Lilly  is  about  breakthrough  medicines  and  treatments  to  confront  many  of  the  world's  most  challenging  diseases.  It's  only  through 
our  diverse  workforce  that  we  are  empowered  to  discover  innovative  solutions  that  help  improve  lives.  The  varied  perspectives, 
experiences,  and  training  of  our  employees  fuel  the  creativity  and  energy  that  drive  our  company.  You  will  find  an  exceptionally 
diverse  group  of  people  at  Lilly  who  are  respected  for  who  they  are,  what  they  do,  their  differences,  and  similarities. 

We  invite  you  to  learn  more  about  Lilly's  challenging  and  rewarding  IT  careers  in  the  following  areas: 

•  Marketing  •  Research  &  Development  •  Finance  •  Clinical/Regulatory  •  Infrastructure  •  Manufacturing  •  SAP 


For  more  information  on  these  and  other  opportunities  or  to  apply  online,  please  visit  www.lilly.com/careers. 
Eli  Lilly  and  Company  is  an  equal  opportunity  employer. 


www.UUy.com/careers 


Answers  That  Matter. 
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1  Senior  Manager 

i 

(Glen  Mills,  PA  and  other  com¬ 
pany  +  client  locations  through¬ 
out  the  United  States)  Manage 
design/execution  of  manual  + 
automated  conversion  of  data 
from  Mainframe-based  systems 
to  Oracle  81  including  planning  a 
conversion  strategy,  developing 
program  specifications  and  con¬ 
version  programs,  overseeing 
data  entry  conversion  efforts 
and  conducting  data  loads  to  tar¬ 
get  systems.  Evaluate  technolo¬ 
gy  options,  prepare  cost/benefit 
analysis  and  conduct  Business 
Process  Re-engineering  and 
analysis  in  order  to  develop 
business  cases  to  identify 
appropriate  solutions  and  rec¬ 
ommend  changes  to  existing 
processes  for  public  sector 
agencies.  Responsible  for  man¬ 
aging  client  relations  and 
addressing  risk  assessment  and 
scope  management  issues  as 
well  as  developing  work  plans, 
project  budgets,  and  reviewing 
client  deliverables.  Oversee 
web-based  systems  implemen¬ 
tation  projects  for  public  sector 
agencies.  Draft  responses  to 
RFPs  (Request  for  Proposal)  by 
public  sector  agencies  and  write 
proposals  for  selling  engage¬ 
ments  in  order  to  identify  oppor¬ 
tunities  to  sell  businesses  to 
new  and  existing  clients. 

Salary:  $111, 132/year.  Work 
schedule  is  M-F  9am-5pm. 
Position  requires:  Master's 
degree  in  Business  Admin¬ 
istration,  Public  Policy  Manage¬ 
ment,  Engineering  or  Info 
Systems  plus  4  years  experi¬ 
ence  in  the  job  offered  in  related 
occupation  of  Senior  Manager, 
Manager,  Senior  Consultant. 
Experience  in  offered  position  or 
related  occupation  must  include 
1.5  years  of  experience  manag¬ 
ing  programs  for  public  sector 
agencies  including  drafting  RFP 
(Request  for  Proposal)  respons¬ 
es,  risk  assessment,  scope 
management,  and  work  plan 
development  in  addition  to 
Business  Process  Re-engineer¬ 
ing  and  analysis,  Testing  Tool 
WinRunner  and  Oracle. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB 
406726  to:  PA  CareerLink,  FLC 
Unit,  235  W  Chelten  Ave., 
Philadelphia.  PA  19144.  EOE. 

Computers 

IT  Analyst 

Multiple  Openings.  Research 
Triangle  Park,  NC.  Participate 
in  IT  projects  involving  busi¬ 
ness  analysis,  project  manage¬ 
ment,  and  IT  strategy  and  sys¬ 
tem  development  for  R&D  IT 
department.  Perform  new  tech¬ 
nology  evaluations  and  imple¬ 
mentations,  object  oriented 
programming,  statistical  analy¬ 
sis,  client  server  and  network 
engineering,  and  database  sys¬ 
tem  development.  Analyze 
requirements  and  participate  in 
detailed  system  design.  Define 
detailed  systems  requirements. 
Perform  scope/  business 
needs  analysis  and  benefits 
realization  to  develop  IT  solu¬ 
tions  to  meet  needs  of  various 
business  sectors.  Req.: 
Master's  degree  in  CS  or  Info. 
Sys.  Mgmt.  Working  knowl¬ 
edge,  through  academic 
coursework  or  experience,  of 
the  following:  Together  and 
Rationale;  requirement  docu¬ 
mentation  &  info,  modeling 
techniques  incl.  use  cases,  log¬ 
ical  design,  ER  diagrams  & 
sequence  diagrams  &  testing  of 
info.  sys.  by  developing  testing 
plans,  test  cases  &  test  reports; 
COM,  DCOM,  EJB,  BizTALK  & 
object  oriented  design  &  pro¬ 
gramming;  and  XML  &  Web 
Services,  Oracle  Database 
Management,  Oracle  Forms, 
Apache  &  IIS. 

GSK  is  dedicated  to  an  innova¬ 
tive  workplace  and  supports 
you  with  career-long  opportuni¬ 
ties  &  learning.  We  offer  a 
competitive  benefits  and  com¬ 
pensation  package.  For  confi¬ 
dential  consideration  please 
forward  2  copies  of  resume  to: 
BHG  Box  33808,  220  E.  42nd 
St.,  14th  FI.,  NY,  NY  10017. 
Indicating  ad  code  "ITA"  is 
essential.  Principals  only,  no 
agencies.  GSK  is  proud  to  pro¬ 
mote  an  open  culture,  encour¬ 
aging  people  to  be  themselves 
and  giving  their  ideas  a  chance 
to  flourish.  GSK  is  an  equal 
opportunity  employer. 

Programmer  Analyst.  Sought  by 
Englewood  Colorado  consulting 
company  to  work  in  various 
unanticipated  locations  through¬ 
out  the  U.S.  Duties:  Analyze, 
plan,  develop,  test  and  docu¬ 
ment  computer  programs  includ¬ 
ing  network  communication  pro¬ 
grams.  Evaluate  user  requests 
and  software  program  require¬ 
ments  for  new  and  modified  pro¬ 
grams.  Write  specifications, 
code,  test  and  debug  computer 
programs.  Customize  software 
to  client  needs.  Use  of  Java, 
ATG  Dynamo,  Oracle,  HTML, 
C/C++.  Perl  5.0  and  Windows 
NT.  Reqs.  Bachelor  or  equiva¬ 
lent  in  Computer  Science, 
Computer  Engineering,  Engin¬ 
eering  (any  field)  or  related  field. 
Plus  6  mos  in  the  job  offered  or 
6  mos  in  a  related  occupation, 
including  Programmer,  Software 
Engineer  or  Systems  Analyst. 
$66, 000/year,  40/hrs/wk,  8AM- 
5PM.  .  Respond  by  resume  to 
WORKFORCE  DEVELOP¬ 

MENT  PROGRAMS,  PO  Box 
46547,  Denver,  CO  80202,  and 
refer  to  Job  Order  No.  CO 
5073173 

Software  Engineers  & 
Programmer  Analysts 
needed.  Exp.  in  Client 
Server  Applications  w / 
ERP  Packages  &  Web 
applications  preferred. 
Seeking  qual.  candidates 
possessing  AA/BS/MS 
degree  or  equiv.  and/or 
rel.  work  exp.  Send  res., 
ref.,  &  sal.  req.  to  Saiven 
Info  Links,  Inc.,  1425 
Louis  Ave.,  #104,  Elk 
Grove,  IL  60007. 

Software  Enaineers 

Design  and  develop  Enterprise 
Application  Integration  (EAI) 
solutions. 

Min.  Educ.  Bachelor's  degree 
or  equi.  Some  positions  re¬ 
quire  Master's  degree  or  equi. 
Min.  Exp.  -  Adequate  industry 
experience.  Job  may  involve 
working  at  various  locations 
throughout  the  US. 

Please  send  resume  to: 

Selectiva  Systems,  Inc. 

3333  Warrenville  Rd. 

Suite  200 

Lisle,  IL  60532 

System  Analysts  to  analyze, 
design  appls  using  Java,  VB, 
JScript,  VBScript,  HTML,  Orac¬ 
le,  DB2,  ASP  under  Windows/ 
UNIX  OS;  responsible  for  pro¬ 
ject  planning,  time  &  cost  sched¬ 
ules,  quality  of  deliverables; 
study/evaluate  new  technolo¬ 
gies/methodologies;  provide 
tech/business  guidance  for  com¬ 
plex  user  problems;  provide 
methodologies  to  follow;  interact 
with  clients.  Require:  Master's  or 
foreign  equiv  in  CS/Engg(any 
branch)/Business  Admin.  High 
Salary.  F/T.  Travel  involved. 
Resume  to:  HR,  Salem  Associ¬ 
ates,  Inc.,  405,  6th  Ave.,  Ste 
102,  Des  Moines,  IA  50309. 

Senior  Systems 
Analyst/Programmer 

Translate  business  require¬ 
ments  into  comprehensive  an¬ 
alysis  and  design  models  using 
UML  and  Rational  XDE/Rose. 
Build,  test  and  deploy  applica¬ 
tion  and  database  components 
over  Weblogic,  Oracle8i,  SAS 
and  Unix.  Assist  in  the  develop¬ 
ment  of  asynchronous  messag¬ 
ing  infrastructures  and  contracts 
using  JMS,  XML,  XSD,  J2EE 
and  JDBC.  Position  utilizes 
object-oriented  analysis  and 
design  concepts  such  as  pat¬ 
terns  and  frameworks.  Req.  2 
years  previous  experience.  Prev 
exp.  must  involve  developing 
analysis  and  design  models 
using  UML  and  Rational  XDE/ 
Rose.  Apply  to:  BLC  Consulting, 
26  Jefferson  Court,  Wethers¬ 
field,  CT  06109. 

Computer:  Software  Engineer, 
Programmer  Analysts,  Database 
Analyst,  Systems  Analyst, 
Network  Admin,  for  NJ  IT  firm. 
Need  Bach  +1  yr  exp  for  Jr.  Lvl 
positions  and  Masts  +2  yrs  or 
Bach  +  5  yrs  of  exp  for  Sr.  Lvl 
position.  Various  skill  req: 
Oracle,  VB,  PL/SQL,  SQL*Plus, 
Java,  JDBC,  Java  Servlets,  RMI, 
JFC,  Swing,  Java  Beans,  Cl 
C++.  Win  NT/2000,  MS  Access 
2002,  UNIX,  Shell  Scripting, 
Dream  weaver,  Websphere, 
Web  logic,  TOAD,  HTML, 
DHTML,  ASP,  Javascript,  XML, 
Rational  Rose,  Peoplesoft  & 
SAP,  Oracle  Financials,  Data¬ 
warehousing,  QA  testing, 
Microsoft,  Net.  Apply  w/  2 
copies  of  resume  to  HRD, 
Software  Research  Group,  Inc., 
485  E  Rt  1  South,  #240,  Iselin, 
NJ  08830. 

Programmer  Analyst  needed. 
Duties  include  performing  main¬ 
tenance,  code  and  test  existing 
programs;  analyze  and  develop 
programs.  Work  with  the  follow¬ 
ing:  VB,  Net,  Oracle,  Java  and 
Tibco  Integration  Suite.  Req..  4 
yrs  of  rel.  work  exp.  or  a  BS 
degree  or  equivalent  and  2 
years  of  rel.  work  exp  MS 
degree  preferred.  Exp.  must 
include  2  years  developing 
mainframe,  client/server,  or  web 
applications.  No  relocation.  Mail 
resume,  references  and  salary 
requirements  to  Inventory 
Locator  Service,  LLC,  Attn: 
Human  Resources,  Job  Code 
IS308,  8001  Centerview  Park¬ 
way.  Suite  400,  Memphis,  TN 
38018. 

S/WEngineers  to  analyze,  de¬ 
sign,  develop  financial  appls 
using  OOD.C++,  VC++,  MFC, 
Visual  Source  Safe,  SQL  Server, 
Rational  Rose,  CrystalReports, 
FtAIMA,  ImageMan,  ADO  under 
Windows/UNIX  OS;  perform 
system/functional  req  analysis; 
document  detailed  project 
specs,  review  conceptual  mod¬ 
el  with  users;provide  training/ 
user  support  for  related  soft¬ 
ware;  perform  debugging/modifi¬ 
cations  of  existing  software. 
Require:  M  S.  or  foreignequiv.  in 
CS/Engg.  (any  branch)  with  1  yr 
exp  in  IT.  High  Salary.  F/T  posi¬ 
tion.  travel  involved.  Resume  to: 
HR,  Autosig  Systems,  Inc.,  201, 
Price  Hills  Trail,  Sugar  Hill,  GA 
30518. 

Software  Engineer.  Develop 
&  implement  web  sites  for 
client  companies  using 
Vignette  &  e-business  s/w 
products.  Integrate  XML 
technologies  &  solutions  into 
Java  based  framework  & 
troubleshoot.  Req:  Bachel¬ 
or's  in  Comp.  Sci.,  Comp. 
Eng.,  Electrical  Eng.,  or 
Business  Mgmt.  40hrs/wk. 
Job/Interview  Site:  Long 
Beach,  CA.  Send  resume  to 
UniSAP,  Inc.  @  24881  Alicia 
Pkwy,  Laguna  Hills,  CA 
92653. 

WEB  DEVELOPER  to  design 
and  develop  customized  web 
applications  using  C#,  VB.NET, 
ASP.NET,  ADO.NET,  XML, 
ASP,  JavaScript,  VB.COM  and 
Object  Oriented  Design  princi¬ 
ples;  create  a  central  code 
base  for  rapid  generating  sta¬ 
tistical  analysis  websites  (CMI's 
QtabsTM);  develop  Windows- 
based  applications  to  automate 
survey  sample  management; 
create  VBA  for  statistical  analy¬ 
sis  of  survey  data;  manage 
data  in  SQL  Server  2000  with 
Triggers,  Cursors,  Stored  pro¬ 
cedure,  Functions,  DTS,  and 
Full-Text  Index  search.  Re¬ 
quire:  Bachelor's  in  Computer 
Science/Information  Systems. 
Competitive  salary  offered. 
Apply  with  resume  to:  Vice 
President,  ConsumerMetrics, 
Inc.,  1745  Old  Springhouse 
Lane,  Suite  400,  Atlanta,  GA 
30338. 

Systems  Analyst  (GA)  Design, 
develop,  code,  test,  debug  & 
troubleshoot  a  variety  of  prod¬ 
ucts  in  a  client  server  environ¬ 
ments  using  Oracle  2000,  C  & 
Visual  C++  on  IBM  compatible 
PCs  &  UNIX  based  servers. 
Develop  special  modifications  & 
internet  accessing  enhance¬ 
ments  for  SDL  &  MBB  platforms 
applying  Java,  RMI,  TCP/IP  & 
EJB  in  Linux  &  Sun  Solaris  envi¬ 
ronments.  Conduct  change  & 
impact  analysis,  quality  reviews 
&  engage  in  custom  develop¬ 
ment  of  key  modules.  Bachelor's 
degree  or  equiv.  in  Computer 
Science  or  any  Engineering  or 
related  field,  and  relevant  expe¬ 
rience.  Send  cover  letter  and 
resume  to  Vivian  Fernandes, 
MBT  International,  Inc.,  400 
Perimeter  Center  Terrace  NE, 
Suite  900,  Atlanta,  GA  30346. 

Chief  Technical  Officer:  Co. 
developing  new  Speech, 
Telephony.  Vision  &  Internet 
products.  Strategic  planning, 
client  projects,  multi-media  con¬ 
current  sys,  lead  developers, 
assign  projects.  Req's:  PhD  Deg 
in  Comp  Sci,  Comp  &  Info  Sci  or 
related  field.  3  yrs  exp  in  job 
offered  or  3  yrs  advanced  tech¬ 
nology  software  development 
exp  which  must  incl.,  concurren¬ 
cy  theory  &  practice,  real-time  & 
large-scale  object-oriented  sys. 
Exp  can  have  been  gained  while 
pursuing  degree.  Proficiency  in 
Java.  C++,  Visual  Basic,  Oracle, 
RDBMS,  Telecom  &  Internet. 
Ability  to  present  &  publish 
results.  40hrs/wk.  Send  res.  to 
D-3,  PO.  Box  506,  Phila,  PA 
19105. 

Senior  Internet 
ADDlications  DeveloDer 

Affiliated  Computer  Services, 
Inc.  (ACS)  currently  has  an  op¬ 
ening  for  a  full  time  Senior 
Internet  Applications  Developer 
in  its  Lexington,  Kentucky  opera¬ 
tions.  Must  have  Bachelor  de¬ 
gree  in  Computer  Science  or 
Engineering  with  5  years  experi¬ 
ence  in  designing  and  develop¬ 
ing  web  based  applications  us¬ 
ing  Java  and  ASP,  including 
therein  2  years  experience  de¬ 
signing  EDI  and  DDE  applica¬ 
tions  according  to  HIPAA  regula¬ 
tions  using  Cold  Fusion.  Must 
have  authorization  to  work  in  the 
U.S.  Please  send  resume  by 
mail  to:  Technical  Recruiter, 
2432  Fortune  Drive,  Suite  120, 
Lexington,  KY  40509  or  via  fax 
to  859-389-4182.  No  phone 
calls  please.  EOE 

Sr.  S/W  QA  Eng  sought  to  perf 
s/w  component  or  app  testing, 
incl  functional  testing,  installa¬ 
tion  testing,  integration  testing 
@  component  level,  stress/load 
testing  @  app  level,  user  inter¬ 
face  testing,  patch  testing,  doc 
testing,  &  performance  testing 
@  component  level.  Bach  in  CS, 
Eng,  or  closely  related  req’d; 
4yrs  SQA  exp  req'd.  Knowledge 
of  SQA  concepts  functional  test¬ 
ing,  integrated  testing,  doc  test¬ 
ing,  &  test  environment  set  up; 
telecom  stndrds  incl  SS7,  TCAP, 
ISUP,  IS41P,  IS826,  &  IS771; 
exp  w/  scripting  lang;  hands-on 
exp  creating  SS7  load  &  function 
test  using  INET/MGTS  script 
dvlp;  understanding  of  entire 
S/W  dvlpmt  process,  incl  specifi¬ 
cation,  doc,  &  QA.  Contact 
Lightbridge,  Inc.,  320  Inter- 
locken  Pkwy,  Broomfield,  CO 
80021.  Attn:  Cynthia  Kelly  w/  2 
resumes.  Job  #1465.0101. 

System  Developer:  Design,  de¬ 
velop,  and  implement  software 
system  for  government  Head 
Start  and  Pre-K  program  using 
C#.net,  ASP.net  and  Microsoft 
SQL  Server  databases.  Work 
with  identified  software  prob¬ 
lems  to  determine  the  sequence 
of  events  that  cause  the  problem 
and  to  correct  any  deficiency. 
Involved  in  all  phases  of  enter¬ 
prise  development  including  se¬ 
quence  diagram  and  class  dia¬ 
gram.  Req.  BS  or  equivalent  in 
CS  or  CIS.  Must  be  proficient  in 
C#.net,  Developer  Express  Xtra- 
Grid  Suite,  SQL  Server,  Installa¬ 
tion  Shield  and  Crystal  Report. 
MCSD  Certificate  required.  40 
hr/wk,  9-5.  Send  resume  to 
ChildPlus  Software,  Inc.  at  1117 
Perimeter  Center  West,  Suite 
300W,  Atlanta.  GA  30338. 
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IMPATH  lr>c.,  is  in  the  business 
of  improving  outcomes  for  can¬ 
cer  patients,  and  is  a  leading 
source  of  cancer  information 
and  analyses  We  develop  and 
offer  innovative  products  and 
services  that  allow  for  more  ac¬ 
curate  diagnoses,  and  effective 
treatments  for  cancer  patients. 
Our  talented  IT  team  leads  the 
way  in  our  success,  laying  the 
groundwork  for  excellence. 

HP-UNIX  ADMINISTRATOR 
Based  in  our  NYC  operations, 
you  will  be  responsible  for 
administering  K,  D  Class  HP- 
UNIX  Servers  and  HP  Storage 
Arrays.  Knowledge  of  HP  back¬ 
up  tools  such  as  OMNIBACK  II 
&  HP  Data  protector  5.0  and 
Microsoft  Windows  NT/2000 
Server  Administration  are  re¬ 
quired.  The  ability  to  maintain, 
diagnose,  and  repair  COMPAQ 
Server  Hardware,  and  familiarity 
with  specific  healthcare  billing 
and  networking  concepts,  insur¬ 
ance  applications,  and  network 
devices  such  as  Router,  Switch¬ 
es  and  firewalls  are  essential. 

Candidates  must  be  a  Microsoft 
Certified  System  Engineer  with 
4+  years  experience,  and  have 
previously  assisted  laboratory 
departments  in  the  generation  of 
accurate  scientific  patient  re¬ 
ports.  The  ability  to  provide  end 
user  support  for  Microsoft  office 
products,  home  grown  and  im¬ 
aging  applications  is  required. 
HP  UNIX  and  Windows  2000 
Platform  training  from  authoriz¬ 
ed  training  centers  is  preferred. 

We  offer  a  highly  competitive  sa¬ 
lary  and  comprehensive  benefits 
package  that  includes  immedi¬ 
ate  medical/dental/vision  bene¬ 
fits,  3  weeks  vacation  to  start 
and  100%  fully  vested  401  (k). 
For  immediate  consideration, 
please  apply  online  through  the 
"Careers"  section  of  our  website 
at  www.impath.com  EOE 
I M  PAT  H 

The  Cancer  Information 
Company 


Database  Analyst.  BS  in  comp, 
sci  or  rel.  field;  exp  to  incl.  DB2 
(physical  dsgn,  implmt.,  change 
mgt.,  backup  &  recovery,  &  per¬ 
formance  tuning),  DB  apps.: 
demonstrate  know,  of  main¬ 
frame,  distributed,  &/or  web 
prog,  lang.;  demonstrated  com¬ 
munication  skills,  knowl  of  insur¬ 
ance  &  fin,  svces,  &  willing  to 
travel  &  do  on-call  support. 
JOB#ACW23172. 

IT  Systems  Analyst.  BS  in  comp 
sci  or  rel.  field  exp.  to  incl  J2EE 
app.  servers,  object  oriented  & 
internet  technologies,  distributed 
computing  &  enterprise  connec¬ 
tivity,  web  app.  dev.,  sys.  admin. 
&  monitoring  tools,  formal  itera¬ 
tive  dev.  proc.,  &  mult,  platforms 
(Unix  &  Windows);  demonstrat¬ 
ed  communication  skills,  knowl 
of  insurance  &  fin.  svces,  &  will¬ 
ing  to  travel  &  do  on-call  sup¬ 
port.  JOB#ACW23173. 

Java  Developer.  BS  in  com.  sci 
or  rel.  field;  exp.  to  incl.  Java 
(servlets  &  JSPs),  struts, 
XSL/XML  &  DB2;  demonstrated 
communication  skills,  knowl  of 
insurance  &  fin  services,  &  will¬ 
ing  to  travel  &  do  on-call  sup¬ 
port.  JOB#ACW23171.  Resume 
&  cvr  Itr  to:  Principal  Financial 
Group:  opportunity@exchange.prin- 
dpal.oom;  HR  Employment,  Des 
Moines,  IA  50392-0550.  Refer  to 
JOB  #'s  mentioned  above. 
AA/EEO 


Programmer  Analyst 

Watts  Up  Inc.  (  Ossining, 
NY)  seeks  software  pro¬ 
fessional  to  design,  devel¬ 
op  and  implement  busi¬ 
ness  applications  and 
software.  Experience  in 
Oracle,  SQL,  ASP,  Visual 
Basic  and  ERP.  (Navision) 
a  plus.  Competitive  sal¬ 
ary.  Mail  resume  and 
requirements  to:  187  Main 
Street,  Ossining,  NY 
10562.  EOE 


IT  PROFESSIONALS: 

Senior  Consultant 

Position:  (Glen  Mills.  Penn¬ 
sylvania  and  other  locations 
through  the  U.S.).  Responsible 
for  providing  clients  with  profes¬ 
sional  consulting  services  in  the 
area  of  infrastructure  require¬ 
ments  including  the  develop¬ 
ment,  testing  and  implementa¬ 
tion  of  system  software  tailored 
to  clients'  business  needs  and 
requirements.  Provide  support 
for  the  procurement  of  hardware 
and  software  including  require¬ 
ments  gathering.  Provide  techni¬ 
cal  design  and  development  of 
data  structures  and  databases 
to  ensure  the  accessibility,  secu¬ 
rity,  and  integrity  of  clients'  busi¬ 
ness  data  and  systems. 
Responsible  for  logical  and 
physical  data  analysis  and  mod¬ 
eling  of  c-tree  and  Oracle  and 
ensuring  data  architecture  stan¬ 
dards.  Responsible  for  installa¬ 
tion,  upgrades,  administration, 
tuning,  backup  and  recovery 
strategy,  implementation  and 
maintenance  of  c-tree  and 
Oracle  databases  on  Sun 
Solaris  and  other  operating  sys¬ 
tems.  Engage  in  the  installation, 
configuration,  administration  of 
Sun  Solaris,  including  the  con¬ 
figuration  of  network  interfaces, 
veritas  volume  manager,  root 
disk,  and  application  of  patches. 
Develop  technical  specifications 
and  design  policies,  procedures 
and  workflows  and  conduct 
tests,  review  controls,  imple¬ 
ment  systems  and  documenta¬ 
tion.  Responsible  for  failover 
design  including  sun  cluster 
installation  and  registration  of  c- 
tree  high  availability  agents. 
Coordinate  software  installation 
and  configuration  including  sun 
cluster,  MQ  series,  Veritas  vol¬ 
ume  manager,  etc.  Coordinate 
and  assist  on  tuning  of  Siebel 
EAI  (Enterprise  Application 
Integration)  and  EIM  (Enterprise 
Integration  Manager),  develop 
CICS-Cobol  online  and  batch 
applications,  and  oversee  and 
upgrade  Oracle  applications. 
The  wage  offered  is  $94,340  per 
year. 

The  work  schedule  is  Monday- 
Friday,  9:00  am  to  5:00  pm.  The 
minimum  requirements  are  as 
follows:  Bachelor's  degree  or 
equivalent  in  Computer  Science, 
Math,  Engineering  (any),  Infor¬ 
mation  Systems  or  Business 
Administration  +  3  years  of 
experience  in  the  job  offered  or 
3  years  of  experience  as  a 
Senior  Consultant,  Consultant  or 
Senior  Officer.  Employer  will 
regard  a  foreign  degree  to  be 
equivalent  to  a  U.S.  Bachelor's 
degree  as  determined  by  an 
accredited  credentials  evalua¬ 
tion  service.  Related  experi¬ 
ence  must  include  at  least  1 
year  of  experience  in  Sun 
Solaris,  c-tree,  Oracle  Data¬ 
base,  MQ  Series,  Siebel  EAI 
(Enterprise  Application  Integ¬ 
ration)  and  Siebel  EIM 
(Enterprise  Integration  Man¬ 
ager) 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number 
WEB406903  to  the:  PA 
Careerlink,  FLC  Unit,  235  W. 
Chelten  Avenue,  Philadelphia, 
PA  19144.  EOE. 


COMPUTER 

PricewaterhouseCoopers  LLP 
Tax  practice  has  opportunities 
available  for  experienced  pro¬ 
fessionals  in  the  area  of  Sys¬ 
tems  Development  and  Adminis¬ 
tration.  Positions  require  a  bach¬ 
elor's  (master's  preferred)  in  CS, 
MIS  or  CE  &  3  to  7  yrs  related 
exp.  Additional  qualifications  re¬ 
quired  include  Lotus  Notes  de¬ 
velopment  exp  &  Oracle  PL/SQL 
exp.  Job  site/location:  Washing¬ 
ton,  DC.  Interested  candidates 
please  reference  job  code 
55JPLN  &  fax  resume  to  PwC 
GTT  Recruiting  at  813-348- 
7980.  No  phone  calls  please. 
Employer  will  only  consider 
applicants  authorized  to  work  for 
any  employer  in  the  U.S. 


Let  your  computer  work 
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Sr.  Software  Engineer/Devel¬ 
oper.  Database  Architect  want¬ 
ed  by  MD  Soft,  Inc.  Candidate 
must  have  minimum  BS  with  5- 
yr  experience  in  IT  field  includ¬ 
ing  experience  in  data  ware¬ 
house  design,  ETL  develop¬ 
ment.  using  Acential  datastage 
Please  contact  mdsoftmc@ 
vahoo.com.  EOE. 

K&M  Softech  is  looking  for  pro¬ 
grammer/system  system,  soft¬ 
ware/project  engineers  or  IT 
professionals.  Both  entry  & 
experienced  levels  needed. 
Some  positions  require  travel. 
Skills  in  C/++,  VB,  Java, 
Oracle,  SAP,  SQL  are  plus. 
Please  send  resumes  to 


CGI  Inform.  Sys  &  Management 
Consultants,  Inc.  is  looking  for 
Sr.  IT  Consultant  to  develop  web 
portal  applications  using  Oracle 
9IAS,  data  warehouse  using  pi/ 
sql.  reports6l  &  discoverer.  Min. 
MS  plus  exp.  of  Oracle  X/8/9, 
9IAS,  PL/SQL,  JavaScript. 
Contact  lisa.halter@cai.com. 
No  calls.  EOE 

Material  Management  Analyst 
wanted  by  Danco  (subsidiary  of 
NCH  Corp)  to  handle  manage¬ 
ment  of  import  &  vendor  rela¬ 
tions!,  obsolete  inventory.  Out¬ 
sourcing  activities.  Must  have 
minimum  bachelor  in  manage¬ 
ment  with  experience.  Please 
apply  at  chriscol@nch.com. 
EOE.  No  calls. 


Software  Engineers  to  design, 
develop,  maintain  appls  using 
OOAD,  Java.  XML,  JSP.  Java¬ 
Script,  HTML,  JDBC,  EJB,  JFC, 
Java  beans,  CORBA.  Weblogic, 
RationalRose  etc;  perform  reqs/ 
problem  analysis,  solution  de¬ 
sign,  implementation,  documen¬ 
tation  on  developed  appls;  pro¬ 
vide  training  and  user  support 
for  appls;  study/evaluate  new 
tech.  &  methodologies;  perform 
project  planning,  time/cost 
scheduling.  Require:  MS  or  for¬ 
eign  equiv.  in  CS/Information 
systems/Engg.(any  branch)/  &  1 
yr  exp.  in  IT.  Comp,  salary,  f/t. 
travel  involved.  Send  Resumes 
to:  HR,  Opal  Soft,  Inc.  3150 
Almaden  Expwy  Ste  205,  San 
Jose,  CA  95118. 


Software  Engineer/  Prog¬ 
rammer  Analysts  for  con¬ 
sulting  co  in  Skillman,  NJ. 
Must  have  Bach  degree  in 
Comp  Sci/Comp  Eng  or 
reltd  field  &  1-3  yrs  exp. 
Send  resume  to:  Optimal 
Solutions,  3  Richmond 
Drive,  Skillman,  NJ 
08558. 


Staff  Engineer/Technical  Group 
Leaaer  -  Design  component- 
level  hardware  for  GSM  devices 
to  meet  European  EMC  regula¬ 
tory  reqmts.  Determine  develop¬ 
ment  objectives,  perform 
processor  integration,  design 
audio  circuitry  &  provide  SIM  & 
DAI  interfaces;  40  hrs/wk.  Must 
have  MS  in  Electronics  Engrg, 
Electronics/Communications 
Engrg  or  Electronics/Computer 
Engr  &  3  yrs  exp  OR  BS  in 
Electronics  Engrg,  Electronics/ 
Communications  Engrg  or 
Electronics/Computer  Engr  &  5 
yrs  progressive  exp  in  the  spe¬ 
cialty  field.  Contact  Panasonic 
Mobile,  1225  Northbrook  Pkwy, 
Suwanee,  GA  30024,  Attn:  D. 
Greer,  MR. 


Jr.  Software  Engineer:  Entry- 
level  position  to  assist  Sr. 
Software  Engr  in  developing 
projects  for  co.  MediaXtreme 
prod.  &  website  using  Assembly 
Language,  C/C++.  VB,  ASP  & 
Network  Communication  w/ 
Windows/Linux  platforms.  Req. 
8. Sc.  in  Com.  Engr.  or  a  related 
field.  No  exp.  req.  but  must 
demo  ability  to  perform  job 
through  either  course  work  or 
project  involving  Assembly 
Language,  C/C++  &  Network 
Communication.  Resume  w/ 
transcript  to  Engr  Director, 
Keywest  Technology,  14563  W. 
96th  Terrace,  Lenexa,  KS  66215 


Software  Developer  III  to  per¬ 
form  small  scale  systm  or 
subsystm  dsgn.  B.S.  in  Comp. 
Sci.,  Eng.  or  MIS  or  rel.  field  + 
3  yrs  exp.  w  1C,  C++,  VB,  Java 
&  Perl  on  Windows  &  UNIX. 
Exp.  w/Palm  OS;  Oracle 
Reports  Builder,  Oracle  9iDS; 
and  LoadRunner  reqd. 
Resumes  to:  Margo  Massey, 
2510  North  Dodge  St.,  Iowa 
City,  IA  52245. 


SBI  is  looking  for  the  following 
positions  for  its  offices  in 
Houston,  TX,  San  Francisco, 
CA,  Warren,  NJ,  Salt  Lake  City, 
UT  and  Portland,  OR:  Art 
Director,  Web  Designer, 
Programmer  Analysts,  Technical 
Architects,  Technical  Consul¬ 
tants,  Business  Strategists, 
Systems  Analysts,  Software 
Engineers,  Software  Deve¬ 
lopers,  SAP  Consultant, 
resumes  by  email  or  fax  only  to 
HR,  SBI  2825  East  Cottonwood 
Parkway,  Suite  480,  Salt  Lake 
City,  UT  84121: 

careers@sbiandcompany.com; 
Fax  (801)  733-3201. 


Systems  Analysts  to  provide  in 
depth  analysis,  design,  develop¬ 
ment  and  testing  services  for 
database  dev  projects;  perform 
project  scoping,  planning,  pro¬ 
ject  time/cost  schedules,  quality 
of  deliverables, study/evaluate 
new  techs/methodologies;  pro¬ 
vide  business  guidance  for  com¬ 
plex  user  problems;  guide  teams 
by  providing  methodologies  to 
follow;interact  with  clients  on 
project  related  issues.  Require 
Masters  degree  or  foreign  equiv 
in  CSor  Business  Admin.  High 
salary,  f/t  position.  Travel 
involved.  Resumes  to  HR, 
Smartsoft  International,  Inc., 
4898,  South  Old  Peachtree  Rd, 
Norcross,  GA  30071. 


Oracle  Applications 
Database  Administrators 

Install,  Maintain,  Upgrade  and 
Tune  Oracle  Applications  1 1  i. 

Min.  Educ.  Bachelor's  degree 
or  equi.  Some  positions  re¬ 
quire  Master's  degree  or  equi. 
Min.  Exp.  -  Adequate  industry 
experience.  Job  may  involve 
working  at  various  locations 
throughout  the  US. 

Please  send  resume  to: 
Selectiva  Systems,  Inc. 
3333  Warrenville  Rd. 

Suite  200 
Lisle,  IL  60532 


PROGRAMMER  ANALYSTS  for 
Buffalo  Grove,  IL  office.  Design 
&  develop  software  applications 
using  VB,  Oracle,  Coolgen, 
Interwoven,  PVCS,  Erwin,  ASP, 
XML,  UML;  Develop  &  imple¬ 
ment  client/server  applications 
in  Oracle  Financials  using  syn¬ 
chronization  techniques  in 
Oracle  tools  such  as  PL/SQL, 
Developer  2000  &  Designer 
2000.  Bachelors  reqd  in  Com¬ 
puters,  Engineering,  or  any 
related  field  of  study  +  2  yrs  of 
related  exp.  40  hrs/wk.  Must 
have  proof  of  legal  authority  to 
work  permanently  in  the  U.S. 
Send  resume  to  HR  Manager, 
Option  Care,  Inc.,  485  Half  Day 
Road,  Ste.  300,  Buffalo  Grove, 
IL  60089. 


Sr.  Prog.  Analysts  to  analyze, 
design,  develop  client  server/n- 
tier  appls  using  C,  C++,  Java, 
Perl,  HTML,  SQL  Server.  XML, 
ASP,  JSP,  Servlets,  EJB,  Web¬ 
logic,  Java  Scripts,  etc.  under 
Windows,  Unix  os;  tune  appls 
for  better  performance;  inteact 
with  clients  and  end  users  for 
reqs  gathering,  analysis,  planing 
and  implementation;  perform 
debugging  and  modifications  of 
existing  software.  Require:  MS 
or  foreign  equiv.  in  CS  / 
Engg.(any  branch).  F/T.  compet¬ 
itive  salary.  Travel  involved. 
Resumes  to:  HR,  Semafor 
Technologies,  Inc.,  3300, 
Holcomb  Bridge  Road,  Ste  212, 
Norcross,  GA  30092. 


Systems  Software  Engineer.  8a- 
5p,  40hrs/wk.  Analyze,  dsgn, 
test,  support  &  install  LAN/WAN, 
n/works,  data  communication 
systms,  servers  &  workstations; 
recommend  n/work  h/ware  & 
s/ware;  perform  interface  using 
n/work  mgmt,  CISCO  routers, 
TCP/IP,  Ethernet,  VLSI  tools  8 
WinNT.  2  yrs  exp.  in  job  offd  or 
as  IT  profl  using  above  comput¬ 
er  skills  reqd.  Masters  or  equiv 
in  Comp  Sci,  Info  Systms, 
Electrical,  Electronics  or  related 
field  of  Engg  reqd.  (In  lieu  of 
Masters.  Bach  in  specified 
majors  &  5  yrs  work  exp  as  IT 
profl  accepted.)  Resume: 
Software  Decisions  Group,  Inc., 
235  Donamere  Way,  Alpharetta, 
GA  30022. 


SENIOR  SOFTWARE  ENGIN¬ 
EER  to  design,  develop,  modify 
and  support  Computer  System/ 
apps  software.  Analyze  user 
needs,  design  databases,  devel¬ 
op  software  solutions  using 
Enterprise  Resource  Planning  & 
related  software  using  SAP, 
SQL,  MAPICS  and  MS  Access 
skills.  Require:  Master's  degree 
in  an  Engineering  discipline. 
Business  or  closely  related  field 
with  2  years  of  experience  in  job 
offered  or  as  a  system  analyst. 
Extensive  travel  within  the  U.S. 
Salary  offered  $72000/yr,  40  hrs/ 
week,  8  a.m.  -  5  p.m.  Submit 
resumes  to:  Shri  Gangal.  Syspro 
Technologies,  Inc.  17440  Dallas 
Parkway,  Suite  207,  Dallas  TX 
75287. 


PROGRAMMER  ANALYSTS 
req'd  for  Chicago,  IL  office. 
Design  &  Develop  software  ap¬ 
plications  using  C,  C++,  VB, 
Delphi,  ASP,  XML,  UML,  Cool¬ 
gen,  Interwoven,  Oracle,  PL/ 
SQL,  Developer  2000  &  De¬ 
signer  2000;  Perform  system  & 
integration  testing.  Bachelors  or 
Equivalent  req’d  in  Computers, 
Engineering,  math  or  related 
field  of  study  +2  yrs  of  related 
exp.  40  hrs/wk.  Must  have  legal 
authority  to  work  permanently  in 
the  U.S.  Send  resume  to  HR 
Manager,  Allied  Business  Con¬ 
sulting,  Inc.,  8700  W.Bryn  Mawr, 
Suite  800  South,  Chicago,  IL 
60631. 


Programmer  Analysts  to  ana¬ 
lyze,  design  s/w  appls  using 
SAP  R/3,  ABAP/4,  C,  C++, 
Java,  VB,  JSP,  JScript,  HTML 
on  UNIX/Windows  os;  gath¬ 
er/document  reqs  from  user 
community;  test/troubleshoot 
project  appl  code  according  to 
system  objectives.  Require  a 
B.S.  or  foreign  equiv  in  CS/ 
Engg  (any  branch)with  2  yrs 
exp  in  IT.  High  salary.  F/T. 
Travel  involved.  Resume  to 
HR,  Smartsoft  International, 
Inc.,  4898,  South  Old 
Peachtree  Rd,  Norcross,  GA 
30071. 


Data  Communication  An¬ 
alyst  needed  for  law  firm, 
4  years  experience  in 
duties  or  B.S.  in  Systems 
Engineering  (Computer 
Science).  Please  send 
resume  to:  contact@ 
casablancalaw.com  or 
Attn:  Human  Resources, 
Casablanca  &  Associ¬ 
ates,  P.  A.,  444  Brickell 
Ave,  616,  Miami,  Florida 
33131. 


Mphasis  Corporation  has  mul¬ 
tiple  openings  for  the  follow¬ 
ing  positions  at  its  offices  in 
New  York,  NY,  Memphis,  TN, 
Houston,  TX  and  unanticipat¬ 
ed  client  sites  throughout  the 
U.S.:  Programmer  Analyst, 
Software  Engineer,  Project 
Manager,  Management  An¬ 
alyst,  Sales  Engineer,  Busin¬ 
ess  Development  Manager, 
Finance  Manager.  Please 
send  resume,  salary  history 
and  position  applied  for  to  444 
Park  Avenue  South,  Suite 
#503,  New  York,  NY  10016, 
Attn:  H.R.  Manager. 


Seeking  qualified  applicants  for 
the  following  positions  in  Orlando, 
FL:  Senior  Programmer  Analyst. 
Formulate/define  functional  req¬ 
uirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor's  degree 
or  equivalent*  in  computer  sci¬ 
ence,  MIS,  mathematics,  engi¬ 
neering  or  related  field  plus  5 
years  of  experience  in  systems/ 
applications  development.  Exp¬ 
erience  with  C  and/or  C++,  Java 
and  RDBMS  also  required. 
'Master's  degree  in  appropriate 
field  will  offset  2  years  of  general 
experience.  Submit  resumes  to 
Sibi  George,  FedEx  Corporate 
Services,  1900  Summit  Tower 
Blvd.,  Suite  1400,  Orlando,  FL 
32810.  EOE  M/F/DA/. 


Software  Engineers  needed: 
Req:  BS  degree  or  equivalent 
and/or  rel.  work  exp.  Part  of  the 
req.  rel.  work  exp.  must  include 
2  years  working  with  Oracle  and 
1  year  working  with  Java.  Exp. 
can  be  simultaneous.  Analyze, 
design  and  implement  systems 
and  applications;  provide  engi¬ 
neering  solutions;  develop  soft¬ 
ware.  Work  with  Oracle  RDBMS, 
Java,  XML,  SQL  and  PL/SQL. 
Mail  resume,  transcripts,  refer¬ 
ences  and  salary  requirements 
to:  NewGen  Technologies,  Inc., 
405  Kelsey  Park  Drive,  West 
Palm  Beach,  FL  33410. 


I.T.  BUSINESS  CONSUL¬ 
TANT-  manage  all  info,  sys¬ 
tems  &  tech,  related  busi¬ 
ness  needs  for  predomi¬ 
nantly  Spanish  speaking 
clientele.  B.S.  Computer 
Sci.  or  equiv  +  2  yr  in  job  or 
in  info  systems  &  fluency  in 
Spanish  reqd.  Proficiency  in 
Windows  NT,  Microsoft 
applications  &  Lotus  Notes 
&  Domino  platforms.  Apply 
to:  World  Business  Consult¬ 
ants,  Inc.  1191  Hiddenbrook 
Ln,  Suwanee,  Ga  30024. 


Prog  Analyst  needed  to  ana¬ 
lyze,  design,  implement  and 
test  proprietary  s/w  apps  w / 
exp  in  Java,  Borland  C/C++, 
MS  SQL,  ASP,  ActiveX, 
HTML,  VB.  Ability  to  design 
and  develop  conversion/ 
interface  processes  between 
proprietary  s/w  apps  and 
WONDA,  I  LX,  Bloomberg 
DDE  Server,  Prime  Access, 
P&L  Link  is  necessary.  Send 
resumes  to:  Watchpoint 
Asset  Management,  74  DW 
Hwy,  Merrimack,  NH  03054. 


Software  Engineer 
InterContinental  Hotels  Group 
is  seeking  qualified  applicants 
for  positions  at  the  company's 
North  American  headquarters 
in  Atlanta.  Develop  real-time 
revenue  management  applica¬ 
tions  for  use  in  multi-platform 
environment.  Requires  rele¬ 
vant  degree  and  experience 
with  revenue  management 
systems  for  hospitality/tourism 
industry.  Apply  to  Francene 
Taylor,  Six  Continents  Hotels, 
Inc.,  Three  Ravinia  Drive, 
Suite  100,  Atlanta,  Georgia 
30346. 


Information 

Overload? 


Take  a  break  at 
itcareers.com 
and  take  the 
hassle  out  of  job 
searching! 


www.itcareers.com 


IT  Education  &  Training 

Contact  the  companies  listed  below 
to  help  you  with  your  training  needs! 


Directory 


To  place  your  ad  please  call  800-762-2977 


CBT  Nuggets 

(888)  507-6283  &  (541)  284-5522 
www.cbtnuggets.com 
Affordable  training  videos  on  CD 
MCSE,  MCDBA,  MCSD,  CCNA, 
Citrix,  Linux,  A+,  Net  + 


A 


IPexpert,  Inc. 

(866)  225-8064 

www.ipexpert.com 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

CCNP,  CCNA,  IP  Telephony 
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SEMINARS  i  EVENTS 


Network  World  Seminars 
and  Events  are  one  and  two- 
day,  intensive  seminars  in 
cities  nationwide  covering 
the  latest  networking  technologies.  All  of  our  seminars  are 
also  available  for  customized  on-site  training.  For  complete 
and  immediate  information  on  our  current  seminar  offerings, 
call  a  seminar  representative  at  800-643  4668,  or  go  to 
www.nwfusion.com/seminars. 


Publicize  your  press  coverage  in  Network 
World  by  ordering  reprints  of  your  editorial 
mentions.  Reprints  make  great  marketing 
materials  and  are  available  in  quantities  of 
500  and  up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399-1900  x129 
or  E-mail;  mshoben@reprintbuyer.com 
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continued  from  page  1 

external  systems.  The  software 
then  builds  federated  or  virtual 
databases  that  provide  access  to 
structured  and  unstructured  data, 
including  XML  documents,  email 
and  multimedia  files,  as  if  it  were 
stored  in  one  place. 

The  appeal  of  building  such  vir¬ 
tual  data  mails  is  catching  on 
among  users:The  data  integration 
market  grew  3.3%  in  2002  —  a 
year  in  which  worldwide  software 
spending  deceased  for  the  first 
time  in  the  market’s  history, 
according  to  1DC.  Data  integra¬ 
tion  software  revenue,  now  about 
$1  billion,  is  expected  to  near$1.5 
billion  by  2007  with  compound 
annual  growth  of  more  than  8%, 
the  research  firm  says. 

Meanwhile,  vendors  are  improv¬ 
ing  their  data  integration  wares. 
IBM  is  preparing  to  release  a  new 
version  of  its  year-old  DB2 
Information  Integrator  software  in 
the  second  half  of  the  year.  The 
release  will  incorporate  search 
technology  the  company  is  devel¬ 
oping,  code-named  Project  Ma¬ 
sala,  to  help  users  more  easily  cull 
data  from  a  broader  range  of 


quests  for  data  among  systems.  It 
tends  to  be  more  focused  on 
secure  message  delivery  and  busi¬ 
ness  process  management  than 
on  examining  data. 

A  data  warehouse  involves  a 
central  repository  for  the  data 
that  business  applications  col¬ 
lect;  the  warehouse  typically  is 
populated  through  scheduled 
batch  processes  that  copy  data 
from  enterprise  systems  to  the 
central  repository 

Rather  than  copying  data  from 
reference  sources,  data  integra¬ 
tion  tools  maintain  a  central 
directory  that  provides  a  map  of 
data  formats  and  locations;  links 
between  systems  are  set  up  and 
broken  down  as  data  aggregation 
sessions  are  executed. 

Data  warehouses  are  best  suited 
for  planned  analytic  queries  that 
are  executed  on  a  regular  basis, 
says  Eric  Austvold,  research  direc¬ 
tor  at  AMR  Research.  A  data  ware¬ 
house  typically  is  designed  with 
specific  queries  in  mind  and  pro¬ 
grammed  to  collect  data  relevant 
to  those  queries,  he  says. 

The  strength  of  data  integration 
tools  is  in  answering  questions 
that  are  unplanned  and  not  re¬ 
peated  regularly“The  beauty  of  in¬ 


ROGER  J.  WYAN 


ft  felt  sounds  simplistic  enough, 
the  idea  of  centralizing  patient 
data.  But  it's  extremely  difficult 
to  get  all  the  disparate  pieces 
of  information  together  and 
have  them  make  sense.  9  9 


John  Hummel 

CIO,  Sutter  Health 


enterprise  content,  including  in¬ 
tranets,  extranets,  Web  sites,  rela¬ 
tional  database  systems  and  con¬ 
tent  repositories. 

Among  the  start-ups,  Avaki  last 
week  announced  Avaki  5.0,  which 
adds  features  that  let  users  access 
third-party  software,  such  as  data- 
cleansing  and  business-intelli¬ 
gence  tools,  and  make  them  avail¬ 
able  as  services  within  Avaki’s 
data  grid. 

For  users,  data  integration 
offers  an  alternative  to  —  though 
not  necessarily  a  replacement  for 
—  traditional  enterprise  applica¬ 
tion  integration  (EA1)  and  data 
warehousing. 

EA1  software,  such  as  that  from 
Tibco,  SeeBeyond  and  web- 
Methods,  is  used  to  link  applica¬ 
tion  interfaces  and  shepherd  re¬ 


formation  integration  is  being 
able  to  answer  questions  where 
the  data  has  yet  to  be  organized,” 
Austvold  says. 

With  data  integration  tools,  a 
user  can  formulate  a  question, 
devise  a  query  and  get  the  results 
immediately.  Conceptually,  the 
idea  makes  sense,  especially  con¬ 
sidering  recent  advances  in  the 
speed  and  capacity  of  networks, 
hardware  and  databases,  he  says. 

But  skeptics  ask  whether  these 
tools  place  an  unreasonable  bur¬ 
den  on  computing  systems.  “You 
don’t  want  to  send  a  query  and 
have  the  lights  dim, ’’Austvold  says. 

Pacific  Capital  Bancorp  is 
rolling  out  software  from  Avaki 
that  consolidates,  transforms  and 
publishes  data  from  the  bank’s 
existing  databases,  operational 


Comparing  technologies 

Data  integration  tools  are  a  complement  to  data 
warehouses,  not  a  replacement.  Here’s  how  they 
stack  up  in  several  categories. 


Data  integration 
software 

Data  warehouse 
software 

Applications 

Best  suited  for  unplanned, 
varying  queries. 

Best  suited  for  frequent, 
planned  queries. 

Methodology 

Leaves  data  in  its  place. 

Copies  data  to  central 
repository. 

Timeliness 

Can  poll  sources  in  real 
time. 

Only  as  current  as  the 
latest  batch  upload. 

Query 

performance 

Data  is  remote; 
computations  depend  on 
network  availability. 

Data  is  local,  enabling 
fast  computations. 

systems  and  data  warehouse.  It 
did  consider  the  impact  of  the 
software  on  network  perfor¬ 
mance,  says  Scott  Matthew,  vice 
president  in  the  office  of  technol¬ 
ogy  and  applied  practices  at  the 
Santa  Barbara,  Calif.,  bank. 

But  Pacific  Capital  found  perfor¬ 
mance  was  no  more  of  an  issue 
than  any  new  software  addition 
—  the  bank  is  mulling  other 
bandwidth-intensive  applica¬ 
tions,  such  as  VoIP  Matthew  says. 
“It’s  always  a  balancing  act  with 
networks,”  he  says. 

On  the  plus  side,  because 
Avaki’s  specialty  is  access  — 
making  data  from  multiple,  het¬ 
erogeneous  sources  available  to 
applications  —  it  doesn’t  take  on 
the  entire  computational  burden. 
Avaki  leaves  some  of  the  fine 
querying  to  specialists,  such  as 
data  cleansing  or  business  activ¬ 
ity  monitoring  vendors.  So  the 
bank’s  data  engines  —  its  busi¬ 
ness  intelligence  software  from 
Informatica,  for  example  —  still 
do  some  of  the  computational 
work,  and  Avaki  simply  makes  the 
results  available  to  other  sources, 
Matthew  says. 

The  opportunity  to  reuse  ana¬ 
lytic  resources  was  a  big  draw  for 
Pacific  Capital.  Avaki  lets  users 
create  “data  services”  that  are  sim¬ 
ilar  to  the  concept  of  a  stored  pro¬ 
cedure  on  a  database  engine. 
Avaki  centralizes  these  stored  pro¬ 
cedures  so  multiple  applications 
can  use  them,  Matthew  says. 

Kawasaki  uses  IBM’s  DB2  Infor¬ 
mation  Integrator  to  streamline 
some  of  its  inventory  operations. 
With  it,  the  Irvine,  Calif.,  company 
has  been  able  to  speed  the  time  it 
takes  to  ship  parts  to  its  8,000 
dealers  by  reducing  the  time  it 
takes  to  pass  transactional  data 
from  its  mainframe  to  warehouse 
IT  systems. 

Instead  of  waiting  for  a  batch 
process  to  run  overnight,  DB2  In¬ 
formation  Integrator  pulls  orders 


from  Kawasaki’s  mainframe  soon 
after  dealers  place  them,  says  Vic¬ 
tor  Martinez,  manager  of  data  ad¬ 
ministration  and  information  ac¬ 
cess  services  group  at  Kawasaki. 

Using  information  integration 
technology  is  a  shift  for  Kawasaki. 
The  company  initially  started 
building  traditional  data  marts, 
but  found  it  couldn’t  keep  up 
with  demand.  As  users  became 
aware  of  the  analytic  data  avail¬ 
able  from  data  marts,  requests  to 
build  more  data  marts  started 
flowing,  Martinez  says. 

DB2  Information  Integrator 
provided  an  alternative.  “It 
allowed  us  to  pierce  the  veil  of 
the  mainframe,  go  in  and  grab 
the  data  we  needed  without 
moving  it  to  a  data  mart,”  he 
says.  “We  can  bring  up  five  vir¬ 
tual  data  marts  in  the  time  it 
took  to  build  one  data  mart.” 

For  Sutter  Health,  data  integra¬ 
tion  provided  an  alternative  to 
costly  platform  migrations.  The 
Sacramento,  Calif.,  healthcare 
organization  needed  a  way  to 
provide  a  single,  current  view  of 
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each  patient,  including  medical 
history  But  it  didn’t  want  to  have 
to  migrate  dozens  of  patient  sys¬ 
tems,  spread  across  its  30  hospi¬ 
tals,  to  one  format. 

Sutter  maintains  more  than  100 
databases;  records  pertaining  to 
any  one  patient  might  be  in  50% 
to  60%  of  them,  says  John 
Hummel,  CIO  at  Sutter  Health.  “It 
sounds  simplistic  enough,  the 
idea  of  centralizing  patient  data,” 
Hummel  says.  “But  it’s  extremely 
difficult  to  get  all  the  disparate 
pieces  of  information  together 
and  have  them  make  sense.” 

To  accomplish  that,  Sutter  is 
rolling  out  software  from  Initiate 
Systems,  which  specializes  in  cus¬ 
tomer  data  integration  for  health¬ 
care  companies.  Initiate’s  Identity 
Hub  software  links  data  from  dis¬ 
parate  systems  without  requiring 
changes  to  existing  records. 

That’s  a  key  cost  advantage, 
Hummel  says.  Other  healthcare 
organizations  have  paid  up  to  $1 
million  per  hospital  to  retrofit  sys¬ 
tems,  he  says.  With  Identity  Hub, 
Sutter  is  spending  about  $4  mil¬ 
lion,  or  $1  per  patient,  across  the 
health  group’s  30  hospitals  to  cre¬ 
ate  a  master  patient  index.  ■ 


More  online! 

Find  out  more  about  the  move  toward  the 
consolidation  of  servers,  storage  and  apps 
into  what  is  being  called  the  New  Data 
Center  at  Network  World's  latest  event: 
Masterminding  the  New  Data  Center. 
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Symantec  tackling  integrated  management 


■  BY  DENISE  DUBIE 

Symantec  went  on  tour  last  week  to  pro¬ 
mote  its  plan  for  a  converged  security  sys¬ 
tems  and  storage  management  system. 

The  company’s  Secure  Enterprise  Admin¬ 
istration  (SEA)  road  map  spells  out  how 
Symantec  over  the  next  year  or  so  will  inte¬ 
grate  its  security  technologies  with  recently 
acquired  products  outside  of  security 
Symantec  spent  $150  million  on  back-up 
and  recovery  vendor  FbwerQuest  in 
December  and  another  $100  million  in 
February  for  ON  Technology  a  software  dis¬ 
tribution  and  desktop  management  soft¬ 
ware  maker. 

SEA  will  enable  companies  to  more  eas¬ 
ily  detect  threats, patch  machines  and  back 
up  systems  via  a  common  platform, 
Symantec  says.  It  will  sell  components  of 
the  system  bundled  and  separately 

“The  vision  is  to  build  integration  into 
each  product  that  would  link  into  an 
underlying  infrastructure  and  enable  the 
products  to  work  automatically  together  if 
a  customer  chooses  to  buy  multiple  prod¬ 
ucts,”  says  Don  Kleinschnitz,  vice  president 
of  product  delivery  in  Symantec’s  new  en¬ 
terprise  administration  division. 

He  says  the  integrated  management  soft¬ 
ware  would  require  IT  managers  to  write 
policies  on  which  the  software  would  take 
action  across  servers,  desktops,  network 
and  storage  devices.  For  example,  if  a  worm 
got  past  the  corporate  firewall,  the  security 
detection  software  would  alert  the  systems 
management  tools  to  deliver  patches  to 
machines  that  need  them. The  storage  soft¬ 
ware  then  would  back  up  the  last  known 
good  state  of  the  systems  and  automatical¬ 
ly  roll  back  to  that  state  after  the  threat  was 
locked  down. 

Symantec  says  its  products  could  add  sys¬ 
tems  management  capabilities  for  its  mid¬ 
size  customers  that  don’t  use  such  products 
from  Computer  Associates,  HP  and  IBM. 

Rob  Enderle,  principal  analyst  with 
Enderle  Group,  says  the  effort  makes  sense 
in  that  “systems  management  is  already 
connected  to  what  Symantec  currently 
does  in  terms  of  vims  protection  and  secu¬ 
rity  vulnerability  checking.” 

However,  getting  the  pieces  to  work 
together  will  be  a  challenge. 


More  online! 


Which  new  technologies  best  improve  network  perfor¬ 
mance?  Which  breakthroughs  in  caching  and  compres¬ 
sion  free  up  WAN  capacity?  Listen  to  highlights  from 
Jim  Metzler's  keynote  presentation  on  effective  net¬ 
work  management. 
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The  company  also  will  be  challenged  to 
displace  established  vendors,  but  Syman¬ 
tec  could  fill  technology  gaps  that  midsize 
customers  have  in  terms  of  automated 


patch  management  and  storage  backup 
and  recovery 

“Symantec’s  ability  to  incorporate  Fbwer¬ 
Quest  products  into  its  enterprise  adminis¬ 


tration  console  should  help  considerably 
in  making  this  appealing  to  some  cus¬ 
tomers,”  says  Jamie  Gruener,  a  senior  ana¬ 
lyst  at  The  Yankee  Group,  a 
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NEW!  a 

Industry-latest  analysis 
and  overview 
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In-depth  partner 
presentations 


NEW! 

Real-world  roundtable 
with  your  colleagues 
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Put-to-work  answers 
and  technology 
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Enterprise 

Security: 

Fail-Safe  Architecture 


EVENT  SCHEDULE 

BOSTON,  MA 
May  18,  2004 
Sheraton  Framingham 

PHILADELPHIA,  PA 
May  20.  2004 
Hilton  Philadelphia 
City  Avenue 

DALLAS.  TX 
May  25,  2004 
Omni  Richardson 

SAN  JOSE,  CA 
May  27,  2004 
Hyatt  San  Jose 


FREE  EVENT  FOR 
QUALIFIED  PROFESSIONALS 


MODERATOR 
Joel  Snyder 

EXPERTISE,  TECHNOLOGY,  AND 

SOLUTIONS  TO  HELP  YOU: 

►  manage  your  network  as  a  security 
intelligence  asset 

*■  umbrella  remote-access  users  via 
low-cost  IP  connections 

*  integrate  wireless  security  into 
over-all  wired  strategy 

*■  expand  effectiveness  of  your 
firewalls  to  the  application  level 

WHO  WILL  BE  THERE? 

*  Expert  Event  Leaders 

*  Joel  Snyder,  Senior  Partner  of 
Opus  One 

*■  Sandra  Gittlen,  Events  Editor  for 
Network  World 

and  leaders  responsible  for  planning, 

designing  and  integrating  security 

solutions  including: 

►  CIOs/CSOs/CTOs 

*  IT/IS  managers/directors 

*  Network  managers/designers/architects 

►  Systems  managers  and  administrators 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  security 
products  and  services.  Network  World  Events 
reserves  the  right  to  determine  total  audience 
and  profile  of  complimentary  attendees. 

Paid  registration  is  also  available. 


All  it  takes  is  one  oversight,  one  hacker,  one  failure,  and  suddenly  everything  about 
network  security  is  on  the  table.  And  YOU  are  on  the  spot.  ►  do  you  have  the  best 
tools  and  technology  in  place?  ►  are  you  implementing  and  managing  your  solutions 
effectively?  ►  are  you  ready  and  right  about  new  products  in  the  pipeline?  ►  are  you  adequately 
protecting  your  enterprise  for  tomorrow? 

Unfortunately  network  security  has  become  a  costly  catch  22.  Just  when  the  stakes  to  your 
enterprise  are  highest,  you're  flooded  in  waves  of  security  technology  that  is  hard  to  evaluate, 
integrate,  and  deploy.  The  typically  “safe’’  response  is  to  over-spend  and  over-build  simply  because 
you're  overwhelmed  not  just  with  what  to  buy,  but  how  to  buy,  when  to  buy,  and  why  to  buy. 

Now  there’s  a  smarter  and  better  response.  Attend  Enterprise  Security:  Fail-Safe  Architecture, 
a  new  Network  World  Technology  Tour  Event.  You’ll  see  new  technology.  Cain  the  real-world 
intelligence.  And  participate  in  a  fast-paced,  ask-questions-and-get-answers  event  unlike  any 
other.  Attendance  is  free,  but  limited  to  professionals  who  reserve  in  advance.  So  register  now 
and  secure  your  place  before  you  are  on  the  spot. 

Advance  Reservation  by  Qualified  Professionals  is  Required  for 
Complimentary  Attendance 

Register  now  at  www.nwfusion.com/SES4A1 
or  call  1  -800-643-4668 


PLATINUM  PRESENTING  SPONSORS: 


ForeScout  Lancope 

E  NHScjve-  V^riSign 


GOLD  EXHIBITING  SPONSORS: 

V  mtrs Systems^ 

ACCIJDATA 

SYSTEMS 


The  Value  of  Trust- 


VintelalX 


SOLSOFT' 


SUMMjT 


VIACK  V-ONE 

Corporation 


To  join  sponsors  of  this  premier  Network  World  Event,  please  contact  Andrea  D' Amato  at  1  -508-490-6520 
or  adamato@> nww.com  for  free,  no-obligation  information. 


www.nwfusion.com 

12  NotworkWorld  4/19/04 

BaCkSmn  Mark  Gibbs 

Anomalous  software 


fter  my  Backspin  column  last 
week  on  anomalous  things,  read¬ 
ier  Chris  Boucher  suggested  that 
the  message  “An  unexpected  error  has 
occurred”  produced  byWord  should 
be  translated  as:“I  got  tired  of  writing 
exception  handlers.  1  really  tried  to  fig¬ 
ure  out  all  the  things  that  could  go 
wrong  with  this  code  (and  got  most  of  them!)  but  had  to  get 
some  sleep  sometime,  so  put  this  little  kludge  in  for  the  rest. 
Sorry  that  it  means  that  you  lost  your  work  just  because  we 
had  to  get  the  code  out  the  door  before  it  could  be  com¬ 
pletely  debugged.” 

Reader  Joanne  Bandlow  wrote, “The  funniest  error  message 
I’ve  run  across  was  during  boot-up:  ‘Error:  Keyboard  not  pre¬ 
sent.  Press  FI  to  continue.”’ 

Yet  another  reader,  Mike  Palombo,sent  in  one  of  his 
favorites: “The  Data  is  the  Error.”  He  noted  that  “it  sounds  like 
something  you  would  be  told  by  a  guru  after  climbing  a  tall 
mountain  and  asking  about  the  true  meaning  of  IT  life.” 

Here’s  another  anomalous  message: “Vx2  benefits  con¬ 
sumers  by  working  with  advertisement  serving  partners  to 
subsidize  various  software  products  and  services  that  are 
free  to  you,  the  consumer.” 

But  you  have  to  read  the  End  User  Licensing  Agreement 
(EULA)  to  understand  what  is  really  going  to  happen:“These 
Terms  and  Conditions  apply  to  both  (1)  the  vx2.dll,  which  pri¬ 


marily  serves ‘popup’ and  ‘popunder’ ads,  and  (2)  the 
related  interest  profiling  application,  which  primarily 
gauges  users’  broadly  defined  interest  categories.” 

The  agreement  continues: “Vx2  may  enhance  or 
upgrade  these  applications  from  time  to  time. 
Unless  we  tell  you  otherwise,  any  new  products  or 
services  we  provide  or  distribute,  whether  through 
our  own  or  third-party  Web  sites  or  servers,  also 
will  be  subject  to  these  terms  and  conditions. Vx2 
may  amend  this  agreement  at  any  time  without 
notice  and  such  modifications  shall  be  deemed 
effective  immediately  upon  posting  the  changes 
on  the  site.” 

In  other  words,  once  you  install  vx2,  the  publisher, 
vx2  Corp.,  reserves  the  right  to  do  whatever  it 
pleases  to  your  PC  and  makes  it  quite  clear  that  it 
accepts  no  liability  for  any  problems. 

As  the  EULA  is  22  pages,  it  is  a  certainty  that  99.9% 
of  users  never  read  it  so  they  also  don’t  read  that 
“Vx2’s  software  also  uses  artificial  intelligence  to  dis¬ 
cern  and  collect  name  and  address  information 
from  online  forms  that  you  fill  out.  We  use  this  infor¬ 
mation  to  allow  our  partners  to  reach  you  with  per¬ 
sonalized  and  targeted  offers  and  advertisements 
that  are  relevant  to  your  interests. We  may  also  con¬ 
tact  you  directly  ourselves  with  such  offers.” 

Now  you  might  not  have  come  across  the  vx2 


software  yet.  Even  though  it  has  been  around 
since  early  2002,  it  has  only  recently  started  to 
appear  in  significant  numbers.  I  heard  about  it  from 
Ed  English,  CEO  of  InterMute,  which  publishes, 
among  other  products,  a  spyware  removal  utility 
called  SpySubtract. 

Vx2  is  an  example  of  both  spyware  —  software 
that  gets  installed  along  with  another  application 
and  is  designed  to  report  back  to  the  publisher 
with  data  on  a  user’s  browsing  habits  —  and 
adware,  which  tracks  user  information  to  display 
advertisements  that  are  supposedly  relevant  to  the 
user.  (Note  that  spyware  is  often  used  to  connote 
both  types  of  software.) 

The  problem  with  this  whole  subclass  of  malware 
is  that  unless  you  run  a  really  tight  network, your 
users  have,  1  guarantee,  managed  to  get  spyware  in¬ 
stalled,  and  it  will  screw  things  up.  It  might  well  re¬ 
veal  confidential  information,  and  it  will  certainly 
create  reliability  and  stability  problems  and 
degrade  performance. 

My  friends,  this  is  an  anomalous  condition  that 
we’re  going  to  look  at  in  depth  next  week  because 
it  is  already  costing  you  money  Lots  of  it. 

Shock  and  outrage  and  personal  experiences  to 
backspin  @gibbs.  com. 


By  Adam  Baffin 

Gaming  your  life 

Intel's  IT  Manager  Game  is  what  “The 
Sims"  would  be  like  if  all  the  Sims 
worked  as  IT  managers  in  shops  full  of 
sluggish,  annoying  end  users  whose  productivity  collapsed  unless  you  immediate¬ 
ly  upgraded  their  desktops  and  network  gear  (with  professional-grade  Intel 
equipment).  Gain  extra  budget  points  by  correctly  answering  trick  questions 
thrown  at  you  in  snap  meetings  by  the  CEO.  Warning:  Really  dissatisified  employ¬ 
ees  explode.  Requires  Flash.  Play  it  at  www.nwfusion.com,  DocFinder;  1634. 

Amazon’s  new  search  engine 

Well,  make  that:  Amazon’s  sorta  new  search  engine.  A9  (www.a9.com), 
unwrapped  in  beta  last  week,  basically  consists  of  Google's  database  and 
algorithms  coupled  with  some  nice  features.  If  all  you’re  doing  is  basic  search, 
it  will  look  exactly  like  Google,  only  with  orange  hyperlinks  (and,  if  you  move 
your  mouse  over  the  wrong  spot,  an  annoying  Alexa  popup  window  that  tells 
you  how  much  traffic  the  link's  site  gets). 

The  improvement  comes  on  the  right  side  of  the  screen,  where  you  can  create 
a  personal  history  of  your  searches.  Cool  beans!  The  toolbar  (of  course  it 
offers  a  toolbar  —  and  of  course  it’s  Internet  Explorer  only  at  this  point)  lets 
you  keep  notes  on  specific  pages,  which  is  another  nice  feature  to  help  you 
keep  track  of  things. 

Still,  as  search  engine  aficionado  John  Batelle,  who  broke  the  news  about  A9 
last  week,  asks:  Why  is  Google  letting  Amazon  experiment  with  its  database  on 
a  way  to  out-Google  Google?  Read  more  from  Batelle  at  DocFinder:  1635. 

Clueless  California  lawmakers 

Speaking  of  Google,  California  state  Sen.  Liz  Figueroa  (D-Freemont)  says 
she  will  file  legislation  to  ban  its  planned  Gmail  service  because  the  service 


will  accompany  e-mail  with,  gasp,  ads  (obviously,  she  has  never  received  mail 
from  a  Hotmail  orYahoo  account).  Derek  Powazek,  who  is  beta-testing  Gmail, 
uses  his  account  to  write  the  senator: 

“I  am  a  Democrat  and  privacy  concerns  are  important  to  me.  I  also  loathe 
being  forced  to  consume  advertising  and  therefore  appreciate  all  your  work  on 
the  California  Do  Not  Call  list.  But  I  have  to  tell  you,  I  encounter  more  vicious 
advertising  walking  down  the  street  than  I  do  in  Gmail.  E-mail  itself  is  full  of 
awful,  flashing,  HTML  ads  because  of  spam.  If  you  want  to  fight  the  encroach¬ 
ment  of  advertising  into  our  daily  lives,  I'm  all  for  it,  but  fighting  with  Gmail 

before  it  even  launches  is  picking  the  wrong  battle  at  the  wrong  time _ "  Read 

his  complete  message  at  DocFinder:  1636. 

Fiber  to  the  home 

Jim  Stewart's  been  thinking  about  fiber  to  the  home  —  he  looks  at  why  we’ll 
need  it  and  who  should  provide  it  (hint:  It’s  not  your  friendly  incumbent  carrier  or 
cable  provider). 

Interestingly,  he  says,  wireless  will  play  a  big  role  in  the  Home  ofTomorrow  — 
by  tying  together  all  the  interesting  gizmos  we'll  have  all  over  the  place  —  but 
ultimately  only  fiber  can  provide  the  bandwidth  big  enough  to  connect  us  to  the 
outside  world.  Read  his  thoughts  at  DocFinder:  1649. 

On  the  Cisco  LEAP  hacking  tool 

Mike  Rowehl  reacts  to  the  news  that  somebody's  released  a  tool  for  automat¬ 
ing  attacks  against  Cisco's  Lightweight  Extensible  Authentication  Protocol 
(LEAP)  wireless  encryption:  "...  Sure,  it's  hard  to  get  security  right.  But  this 
time  the  problem  seems  to  be  just  pure  greed.  Everyone  jumped  in  before  they 
were  really  ready."  Read  more  at  DocFinder:  1650. 

Accept  no  substitutes,  except  when  'Net  Buzz  is  away.  Gaffin  is  executive  editor  of 
Network  World  Fusion;  read  Compendium  daily  at  www.nwfusion.com/ 
compendium  /index,  html. 
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Foundry  leads  the  way. 
ID  Gigabit  Ethernet. 
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Go  with  the  leader  in  1  OGbE.  The  first  to  market,  with  leading  reference  accounts  and 
market  share,  and  maximum  performance  and  port  density.  The  broadest  range  in  I  OGbE  solutions 
is  here.  Front  Big!  roll'  haver  3  switches,  to  Net  Iron'  switching  routers,  to  the  new.  Fast  Iron "  Edge  Xseries, 
Foundry  is  the  lOGbE  vendor  of  choice.  Our  products  are  leading  the  way  in  high-performance  computing, 
server  aggregation,  data  centers,  campus  LAN.  and  metro  and  Internet  edge  switching/routing.  Plus,  our 
field-proven,  wire-speed  lOGbE  solutions  deliver  superior  scalability,  quality  of  service  (QoS),  security, 
availability,  and  traffic  monitoring,  w  ith  exceptionally  low  latency  and  jitter — all  at  breakthrough  pricing. 
Supercharge  your  network  with  the  leading  lOGbE  solution.  Call  1.888.TURBOLAN  (1.888.887.2652) 
or  visit  www.foundrvnefworks.com /wav 
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focusing  on  what’s  attacking  my  servers 


i  want  to 


and  Start  focusing  on  attacking  new  markets 


Start  expanding  securely  with  Intrusion  Prevention  Solutions  from  McAfee  Security. 


By  combining  System  Protection  and  Network  Protection  Solutions,  the  McAfee:  Security  Protection-m-Depth  strategy  secures  yo 
business  from  the  desktop,  to  the  network,  to  the  server — the  mission-critical  heart  of  your  IT  infrastructure.  Add  our  Intrusion  Prevention 
technologies  and  you  can  start  preventing  known  and  unknown  threats  rather  than  merely  detecting  them.  Which  means  you  can  think  a 
tittle  less.gbout  security,  and  more  about  securing  new  markets.  Start  today  at  start.mcafeesecurity.com 


Because  security  is  not  just  about  what  you  can  stop. 
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